Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
MayeulC
on March 7, 2022
|
parent
|
context
|
favorite
| on:
The Dirty Pipe Vulnerability
Wouldn't this allow modifying a cached version of /sbin/su to nop the password check? This seems really easy to exploit for privilege escalation.
max_k
on March 7, 2022
|
next
[–]
Yes. But you can also inject code into libc.so.6, and all running processes will have it.
staticassertion
on March 7, 2022
|
parent
|
next
[–]
Or /etc/passwd
freemint
on March 7, 2022
|
prev
[–]
Yes it would. That is implied because writing arbitrary files means you can also edit the permission systems
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
