| Fred Stluka on 6 Dec 2018 13:04:39 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Yet another fresh linux exploit |
Michael, Is this a practical problem? That is, do many (any?) Linux systems have UIDs greater than 2,147,483,646?. Do they use negative numbers? By default my Linux boxes typically have UIDs 0 to 499 for special users, and 500 on up for regular users. But they count up from 500 by ones, so it would take a LONG time to get to UID 2,147,483,647. I don't expect to ever admin a system that has over 2 BILLION past or present users. I agree it's a bug and should be fixed. But is there any real urgency for this one? For example, is there some package I'm likely to add to my system that creates UID that are huge or negative? Thanks! --Fred ------------------------------------------------------------------------ Fred Stluka -- Bristle Software, Inc. -- http://bristle.com #DontBeATrump -- Make America Honorable Again! ------------------------------------------------------------------------ On 12/6/18 12:32 PM, Michael Lazin wrote:
https://thehackernews.com/2018/12/linux-user-privilege-policykit.html -- Michael Lazin to gar auto estin noein te kai ennai ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug