undefined | Better HN

0 pointsmarkhahn10d ago0 comments

if your model is that linux is just about single-user desktops, this local exploit isn't too bad. or if your model is nothing but DB servers or the like.

mystifying to me that shared, multi-user machines are not thought of. for instance, I administer a system with 27k users - people who can login. even if only 1/10,000 of them are curious/malicious/compromised, we (Canadian national research HPC systems) are at risk. yes, this is somewhat uncommon these days, when shell access is not the norm.

but consider the very common sort of shared hosting environment: they typically provide something like plesk to interface to shared machines with no particular isolation. can you (as a website owner or 0wner) convince wordpress/etc to drop and execute a script? yep.

0 comments

edelbitter10d ago

Ubuntu is not really targeting multi-user any more. Security update installation is deliberately delayed for all users, until at some point all unprivileged users ended all processes launched from the vulnerable snap image. (Firefox RPC breaks when you replace the binary, so having to reopen your browser to keep opening tabs simple because security upgrades were applied in the background would be inconvenient)

CGamesPlay10d ago

> if your model is that linux is just about single-user desktops, this local exploit isn't too bad.

For example, if you have passwordless sudo, you've already got a widely known LPE vulnerability lurking on your system.

dwedge10d ago

Only for your user, and it means a keylogger on the system if it gets rooted can't pull your password to try on other machines. Personally I always either login as root or use passwordless sudo.

XorNot10d ago

Yubikeys are also surprisingly annoying when setup for the as well. A working developer just needs sudo a lot.

Realistically a "sudo button" would be handy, on the keyboard, with a display to show a confirmation pin for the request (probably also needs a deny button so you can try and identify weird ones).

parliament3210d ago

Sounds like a good use case for that new Copilot button you see on newer keyboards.

IshKebab10d ago

You don't even need a button. Just a secure dialog like Windows has.

Pay0810d ago

I mean, that's what you have pinentry for.

oviet10d ago

hmm have i missed anything?

OvervCW10d ago

Any program on your computer can just run "sudo" to escalate itself.

hk__210d ago

The problem is not the passwordless sudo but running untrusted programs on your computer under your user. They don’t need sudo to steal your SSH keys or inject malicious code in your .bashrc.

AntiUSAbah10d ago

Not to bad? So we just threat linux overall as a single user system or what?

j / k navigate · click thread line to collapse