Michael Lazin on 6 Dec 2018 14:31:16 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] Yet another fresh linux exploit |
Michael,
Is this a practical problem? That is, do many (any?) Linux systems
have UIDs greater than 2,147,483,646?. Do they use negative
numbers?
By default my Linux boxes typically have UIDs 0 to 499 for special
users, and 500 on up for regular users. But they count up from 500
by ones, so it would take a LONG time to get to UID 2,147,483,647.
I don't expect to ever admin a system that has over 2 BILLION past or
present users.
I agree it's a bug and should be fixed. But is there any real urgency
for this one? For example, is there some package I'm likely to add to
my system that creates UID that are huge or negative?
Thanks!
--Fred
------------------------------------------------------------------------
Fred Stluka -- Bristle Software, Inc. -- http://bristle.com
#DontBeATrump -- Make America Honorable Again!
------------------------------------------------------------------------
On 12/6/18 12:32 PM, Michael Lazin wrote:
> https://thehackernews.com/2018/12/linux-user-privilege-policykit.html
>
> --
> Michael Lazin
>
> to gar auto estin noein te kai ennai
>
>
> ___________________________________________________________________________
> Philadelphia Linux Users Group -- http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug