Redhat/CentOS root through network-scripts
34 views
Skip to first unread message
bo0od
Apr 16, 2019, 6:51:11 AM4/16/19
to qubes...@googlegroups.com
Marek Marczykowski-Górecki
Apr 16, 2019, 7:29:18 AM4/16/19
to bo0od, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Tue, Apr 16, 2019 at 10:50:00AM +0000, bo0od wrote:
> https://seclists.org/fulldisclosure/2019/Apr/24
>
> Does this effect Qubes?
If you have write access to files in /etc, you have already root access.
This is not really different than modifying sudo configuration, or
changing root password. If you can do that, it means you already have
control.
I agree with RedHat security team here - this is not an issue.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAly1vIYACgkQ24/THMrX
1yw1Hgf/TBZAn/dbkWIf826zyKNy7vHRUtf/Qu18UPzA+EgBODferlBi5ah5Ico7
rD0kF0eAdUKTSsr90/+5TQslLPNrodqa8LlD5MS+PrEVW2kj0bB5t29rWnFsIQQp
5Izt4P/uzh3I1OFdwlds4zzArTcihFdsCgimclnvKfV1oAg5xbOBuZO67Za5oj4e
d6nNfxsquvPlafvrNt3TylyI2cO+pu7v46Pjx2zohiTrs/wWPhIrVwcrx432uVzs
uQWcmqCH+TUR8jN51pb1BufPiojg28GzRXOQhqFUJ43Sg5C6lN2Ue+3Ol9cIcDR8
weL82L8CcBFoQ2lQWjid1B3KfSddAw==
=jo0d
-----END PGP SIGNATURE-----
Hash: SHA256
On Tue, Apr 16, 2019 at 10:50:00AM +0000, bo0od wrote:
> https://seclists.org/fulldisclosure/2019/Apr/24
>
> Does this effect Qubes?
This is not really different than modifying sudo configuration, or
changing root password. If you can do that, it means you already have
control.
I agree with RedHat security team here - this is not an issue.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAly1vIYACgkQ24/THMrX
1yw1Hgf/TBZAn/dbkWIf826zyKNy7vHRUtf/Qu18UPzA+EgBODferlBi5ah5Ico7
rD0kF0eAdUKTSsr90/+5TQslLPNrodqa8LlD5MS+PrEVW2kj0bB5t29rWnFsIQQp
5Izt4P/uzh3I1OFdwlds4zzArTcihFdsCgimclnvKfV1oAg5xbOBuZO67Za5oj4e
d6nNfxsquvPlafvrNt3TylyI2cO+pu7v46Pjx2zohiTrs/wWPhIrVwcrx432uVzs
uQWcmqCH+TUR8jN51pb1BufPiojg28GzRXOQhqFUJ43Sg5C6lN2Ue+3Ol9cIcDR8
weL82L8CcBFoQ2lQWjid1B3KfSddAw==
=jo0d
-----END PGP SIGNATURE-----
Simon Newton
Apr 16, 2019, 7:44:28 AM4/16/19
to Marek Marczykowski-Górecki, bo0od, qubes-devel
>If you have write access to files in /etc, you have already root access.
Playing devils advocate a second, unexpected exec is still unexpected exec. I see the adversarial usefulness for this issue to be more around pwn persistence than initial exploitation.
Cheers
Simon
--
You received this message because you are subscribed to the Google Groups "qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel...@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20190416112910.GH1502%40mail-itl.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages