undefined | Better HN

0 pointsdustfinger7y ago0 comments

Yah, the title is technically not accurate since 2*(INT_MAX -1) overflows, is not negative and cannot run arbitrary systemctl commands (I have not tested though). The title would have been clear if it had read:

> unprivileged users with negative UID can successfully execute any systemctl command

0 comments

1 comments · 1 top-level

dustfingerOP7y ago

I was wrong. You can create UID greater than int_max. The problem happens in a policy kit assertion. pjmlp linked the policy kit issue #74 (thanks).

j / k navigate · click thread line to collapse