Yes.
- “Windows Defender” is the service
- the discussion was about how Defender might have “root” access but Linux services have CVEs too.
The reason Defender has elevated access is precisely because it needs to do stuff like hook into file system events and scan files irrespective of their underlying ACLs.
So it’s not the same as a desktop application exploit that would be running as the same user/group as the person logged in. And it’s also not the same as any other type of service, be that an RDBMS, web server, IRC server, nor any other type of server you might think of.
In fact this is true for both Windows AND Linux. Your average service will not have access to read user files and desktop applications are not services running as root.
I get you’re trying to make a balanced argument. And I do agree that Linux has had a great many poorly thought out design decisions (and even more problems inherent from its POSIX lineage). But the specific arguments you’re making in this thread are just misinformed and misunderstand how these operating systems work.