Local users get to play root?
Richard Hughes
hughsient at gmail.com
Wed Nov 18 19:29:32 UTC 2009
2009/11/18 nodata <lsof at nodata.co.uk>:
> You install software with a known buffer overflow before it is fixed and
> exploit it. More software = more chances to exploit. Bingo!
Why would the additional package start extra services? I thought there
were guidelines about that. Anyway, if the user has physical access to
the machine, there are many quicker ways to root the box in question.
(Like rebooting, and using grub to go to runlevel 1)
Richard.
More information about the devel
mailing list