[TUHS] shell escapes in utilities

Niklas Karlsson nikke.karlsson at gmail.com
Wed Aug 2 07:13:09 AEST 2023

Den tis 1 aug. 2023 kl 22:48 skrev Steffen Nurpmeso <steffen at sdaoden.eu>:

> Niklas Karlsson wrote in
>  |
>  |To be fair, local root exploits are a bit of a different animal from
>  |remote ones. Even now, if you have physical access to your average *nix
>  |box, you can likely gain root. Sure, there are ways and means of
> I find this a provocative statement even in the silly saison.
> I would assume that despite EFI firmware snooping key presses when
> entering the disk key on cold boot, or other sort of nifty spying
> (the famous USB sticks that "turn into keyboards and send key
> presses" (as root?) cross my mind), i would think that you have
> a hard time as a normal user to become root.  On this box; even
> though you are not further separated via "ip netns exec .. unshare
> .." etc.; some SETUID programs exist

I'm sorry, I'm having trouble parsing what you're saying here, other than
that a physically present user would have difficulty becoming root. But
yes, obviously an encrypted disk would present a major obstacle.

>  |preventing that, but IME it's really only people doing really secret
>  |spook stuff that bother with those. Even engineering outfits with big
>  |secrets to protect usually don't bother.
>  |
>  |What you did with that RS/6000 sounds roughly equivalent to booting a
>  |modern Linux box in single-user mode, where you can also set the root
>  |password to anything you like.
> Not here.

Very well, then your installation is a lot more ambitious than most I've
come across.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tuhs.org/pipermail/tuhs/attachments/20230801/0d85b148/attachment.htm>

More information about the TUHS mailing list