Fred Stluka via plug on 29 Mar 2021 05:51:15 -0700


Re: [PLUG] kernel bug - gain root priv


Paul,

Good point!  Any exploit that allows a local user to gain root
access is a problem.  I like to think I've kept external folks out,
but if I haven't, this makes me much more vulnerable.

Thanks!
--Fred
------------------------------------------------------------------------
Fred Stluka -- http://bristle.com -- Glad to be of service!
Open Source: Without walls and fences, we need no Windows or Gates.
------------------------------------------------------------------------

On 3/24/21 11:35 PM, PaulNM via plug wrote:
On 3/24/21 4:08 PM, Fred Stluka via plug wrote:
Jeff,

Thanks for the tip!  I especially appreciate your summary of the
problem.  Saying "could allow local attackers" is VERY useful to
me.  For servers where I'm the only local user, I don't have to
worry about this one.

Be careful about that kind of thinking. Anything that runs on your
server does so as a local user. A vulnerability in one of those could
allow an attacker to do something locally. For example, a vulnerability
in a webserver allows an attacker to run code on the server as the
www-data user (or whatever user the service is running as).

If you read up on pretty much any major breach you'll find they tend to
be like that, a multi-step process that gives them more and more control.

The only thing "local attack" effectively means is that an attacker will
have to take an extra step or two to gain control. That's MUCH better
than a remote vulnerability, but still a problem that needs to be addressed.

- PaulNM
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug