Another day, another escalation of privilege bug
-
Microsoft finds another escalation of privilege exploit…
-
@izzion said in Another day, another escalation of privilege bug:
Microsoft finds another escalation of privilege exploit…
-
Oh look another Linux exploit that is completely avoided by just not having the BS that is systemd.
-
@Dragoon said in Another day, another escalation of privilege bug:
the BS that is systemd
systemlube
-
@Dragoon said in Another day, another escalation of privilege bug:
Oh look another Linux exploit that is completely avoided by just not having the BS that is systemd.
At least they learned from the Netscape fiasco and released their ground up rewrite early, before everyone had given up and gone elsewhere
-
Just got the update for this from Ubuntu.
-
@izzion indeed, and thus disaster was averted.
-
I'm also baffled by a few other things:
So networkd is just a bunch of python scripts cobbled together?
And all of this works by having arbitrary programs communicate with each other over dbus, but nobody really knows what the complete list of "bus names" is, so nobody bothered to reserve this "org.freedesktop.network1" name for privileged use only, but other privileged code trusts it when it's used?
-
@topspin The more I hear about dbus, the less I like it.
-
@topspin said in Another day, another escalation of privilege bug:
So networkd is just a bunch of python scripts cobbled together?
Not really. The systemd-networkd is written in C. And the networkd-dispatcher is not part of it, it is some add-on hack.
Worse, for all the wrong reasons it runs on my system even though systemd-networkd does not, because there is network manager instead.
@topspin said in Another day, another escalation of privilege bug:
And all of this works by having arbitrary programs communicate with each other over dbus, but nobody really knows what the complete list of "bus names" is, so nobody bothered to reserve this "org.freedesktop.network1" name for privileged use only, but other privileged code trusts it when it's used?
I am not sure how this is used, but maybe it is exactly the problem where the networkd-dispatcher is running, but systemd-networkd is not.
-
@dkf said in Another day, another escalation of privilege bug:
@topspin The more I hear about dbus, the less I like it.
D-Bus is not at fault here. Anything would be vulnerable if misconfigured.
-
@Bulb said in Another day, another escalation of privilege bug:
because there is network manager instead.
You have my sympathy. In my experience, Network Manager is major suckage.
-
@Steve_The_Cynic Your mileage clearly varies. It works fine for me.
-
@Bulb said in Another day, another escalation of privilege bug:
D-Bus is not at fault here. Anything would be vulnerable if misconfigured.
But if it is easy to misconfigure, is it blameless?
-
@dkf said in Another day, another escalation of privilege bug:
@Bulb said in Another day, another escalation of privilege bug:
D-Bus is not at fault here. Anything would be vulnerable if misconfigured.
But if it is easy to misconfigure, is it blameless?
If it is central, unavoidable, has wormed its way into ubiquity, and is easy and disastrous to misconfigure, is it anything but some hell-spawned thing sent onto us via the unclosed Gate that is Poettering's damaged brain meats?
-
@dkf said in Another day, another escalation of privilege bug:
@Bulb said in Another day, another escalation of privilege bug:
D-Bus is not at fault here. Anything would be vulnerable if misconfigured.
But if it is easy to misconfigure, is it blameless?
I don't think you could make anything less easy to misconfigure in this case. If the name should be reserved even when the service providing it is not running, someone has to remember to register it, and would have to remember to register it no matter what IPC was used.
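Added example, not part of any post in this thread: a small audit helper that reads a D-Bus bus policy file and lists every rule covering ownership of a given well-known name, so a defender can see which accounts are allowed to claim it. The sample policy and the account name "netsvc" are constructed for illustration, and the helper only lists matching rules; it does not evaluate rule precedence.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the bus policy file format; not taken from a real system.
# "netsvc" is a hypothetical unprivileged service account.
SAMPLE_POLICY = """<busconfig>
  <policy context="default">
    <deny own="*"/>
  </policy>
  <policy user="netsvc">
    <allow own="org.freedesktop.network1"/>
  </policy>
  <policy user="root">
    <allow own="org.freedesktop.network1"/>
  </policy>
</busconfig>"""

SCOPES = ("context", "user", "group", "at_console")

def _matches(rule, name):
    """True if the rule's own / own_prefix attribute covers the bus name."""
    own = rule.get("own")
    prefix = rule.get("own_prefix")
    if own is not None:
        return own == "*" or own == name
    if prefix is not None:
        # own_prefix matches whole dot-separated components only.
        return name == prefix or name.startswith(prefix + ".")
    return False

def own_rules(policy_xml, name):
    """Return (scope, principal, action) for each rule covering ownership of name."""
    found = []
    for policy in ET.fromstring(policy_xml).iter("policy"):
        scope = next((s for s in SCOPES if s in policy.attrib), None)
        if scope is None:
            continue
        for rule in policy:
            if rule.tag in ("allow", "deny") and _matches(rule, name):
                found.append((scope, policy.get(scope), rule.tag))
    return found

def non_root_owners(policy_xml, name):
    """Users other than root that are explicitly allowed to own the name."""
    return sorted({p for s, p, a in own_rules(policy_xml, name)
                   if s == "user" and a == "allow" and p != "root"})

if __name__ == "__main__":
    for rule in own_rules(SAMPLE_POLICY, "org.freedesktop.network1"):
        print(rule)
    print("non-root owners:", non_root_owners(SAMPLE_POLICY, "org.freedesktop.network1"))
```

Any account reported by non_root_owners can claim the name whenever the intended service is not running, which is the situation the posts above describe.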