
Re: Debian package manager privilege escalation attack



On Thu, Aug 12, 2021 at 08:32:14AM +0200, Vincent Bernat wrote:
> >> I just ran across this article
> >> https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested
> >> the attacks on Debian 11 and they work successfully giving me a root
> >> shell prompt.
> > I don't think calling this "privilege escalation" or "attack" is correct.
> > The premise of the post is "the user should not be a root/admin user but
> > has been assigned sudo permissions to run the package manager" and one
> > doesn't really need a long article to prove that it's not secure.
> 
> I think the article is interesting nonetheless. Some people may think
> that granting sudo on apt is OK. 
Some people may think granting sudo to vim is OK, but we need to educate
in general that some programs can run other programs, and so restricted
sudo is not as restricted as it sounds.

> In the past, I think "apt install ./something.deb" was not possible.
Yup, so "and programs you allowed in the past can gain new features even
if they didn't have them in the past".

-- 
WBR, wRAR

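The point made in this thread, that a sudoers entry for a program which can run other programs (apt and vim are the two named) is effectively an entry for a root shell, can be turned into an audit check. The script below is an added example, not code from the thread or from the linked blog post: it parses a constructed sudoers snippet, flags `ALL` entries and entries for the two programs the thread names, and honours sudo's `NOEXEC:` tag. The `PROGRAM_RUNNERS` set, the sample content and the function names are assumptions for illustration.

```python
import re
from dataclasses import dataclass

# Commands that can execute other programs when run as root. apt and vim are the
# ones named in the thread; treat this set as a starting point to extend per site.
PROGRAM_RUNNERS = {"/usr/bin/apt", "/usr/bin/vim"}

# Tags sudoers allows in front of a command in a Cmnd_Spec.
SUDO_TAGS = {"NOPASSWD", "PASSWD", "NOEXEC", "EXEC", "SETENV", "NOSETENV",
             "LOG_INPUT", "NOLOG_INPUT", "LOG_OUTPUT", "NOLOG_OUTPUT",
             "MAIL", "NOMAIL", "FOLLOW", "NOFOLLOW"}

# Constructed sample sudoers content; not taken from any real system.
SAMPLE_SUDOERS = """\
Defaults env_reset
root  ALL=(ALL:ALL) ALL
%sudo ALL=(ALL:ALL) ALL
alice ALL=(root) NOPASSWD: /usr/bin/apt
bob   ALL=(root) /usr/bin/vim /etc/hosts
carol ALL=(root) /usr/bin/systemctl restart nginx
"""

USER_SPEC = re.compile(r"^(\S+)\s+([^\s=]+)\s*=\s*(?:\(([^)]*)\)\s*)?(.*)$")
TAG = re.compile(r"^([A-Z_]+):\s*")


@dataclass
class Finding:
    principal: str
    command: str
    reason: str


def parse_user_specs(text):
    """Yield (principal, runas, [(tags, command), ...]) for each user-spec line.

    Minimal parser: Defaults, alias definitions, includes and line
    continuations are skipped. Tags such as NOPASSWD: carry over to the
    following commands in the same list, as in sudoers itself; negating
    tags (EXEC after NOEXEC) are not modelled.
    """
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith(("Defaults", "User_Alias", "Cmnd_Alias",
                                        "Host_Alias", "Runas_Alias", "@")):
            continue
        m = USER_SPEC.match(line)
        if not m:
            continue
        principal, _host, runas, cmd_list = m.groups()
        tags = set()
        commands = []
        for chunk in cmd_list.split(","):
            chunk = chunk.strip()
            while (t := TAG.match(chunk)) and t.group(1) in SUDO_TAGS:
                tags.add(t.group(1))
                chunk = chunk[t.end():]
            if chunk:
                commands.append((frozenset(tags), chunk))
        yield principal, runas or "root", commands


def audit_sudoers(text):
    """Return Findings for entries that amount to an unrestricted shell as runas."""
    findings = []
    for principal, runas, commands in parse_user_specs(text):
        for tags, command in commands:
            path = command.split()[0]
            if path == "ALL":
                findings.append(Finding(principal, command,
                                        f"may run any command as {runas}"))
            elif path in PROGRAM_RUNNERS and "NOEXEC" not in tags:
                # Restricting arguments (bob's /etc/hosts) does not help here:
                # the program itself can start other programs as runas.
                findings.append(Finding(principal, command,
                                        f"{path} can run other programs as {runas}"))
    return findings


if __name__ == "__main__":
    for f in audit_sudoers(SAMPLE_SUDOERS):
        print(f"{f.principal:8} {f.command:40} {f.reason}")
```

On the sample, root, %sudo, alice and bob are reported and carol is not. sudo's `NOEXEC` tag (or `Defaults noexec`) stops the granted program from executing other programs, which is a workable mitigation for an editor such as vim; it is not one for apt, which has to run dpkg to do its job, so the only fix for that entry is to remove it.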