fsebugoutzone.org:9999

       Post AvC83vsgdkZjnMdwHo by wall_e@ioc.exchange
 (DIR) More posts by wall_e@ioc.exchange
 (DIR) Post #AvBojVLzezTYbLtfcm by cR0w@infosec.exchange
       2025-06-16T13:03:45Z
       
       11 likes, 10 repeats
       
       https://github.com/ubuntu/authd/security/advisories/GHSA-g8qw-mgjx-rwjrWhen a user who hasn&#39;t logged in to the system before (i.e. doesn&#39;t exist in the authd user database) logs in via SSH, the user is considered a member of the root group in the context of the SSH session. That leads to a local privilege escalation if the user should not have root privileges.
       
 (DIR) Post #AvBotcp4kGI6f7KFVI by lanodan@queer.hacktivis.me
       2025-06-16T13:44:32.454092Z
       
       3 likes, 0 repeats
       
       @cR0w Lol, ubuntu-authd was defaulting to gid 0.
       
 (DIR) Post #AvBpChU3djOecVafU8 by djsumdog@djsumdog.com
       2025-06-16T13:48:02.131222Z
       
       1 likes, 0 repeats
       
       If using authd for an external identity provider, but they&#39;ve never been a local user. It&#39;s a pretty limited use case, probably if you&#39;re using some &quot;cloud&quot; auth provider like AWS-IAM or whatever Google&#39;s version is.
       
 (DIR) Post #AvBpGD5Sb1FjVLl6PY by lanodan@queer.hacktivis.me
       2025-06-16T13:48:36.846241Z
       
       2 likes, 0 repeats
       
       @cR0w And seems like https://github.com/ubuntu/authd/commit/619ce8e55953b970f1765ddaad565081538151ab does not fixes value it gets initialized to (ought to be something like nogroup) but only addresses the logic error.So &quot;0 days since last ubuntu-authd tripped and gave too much privileges&quot;
       
 (DIR) Post #AvC83vsgdkZjnMdwHo by wall_e@ioc.exchange
       2025-06-16T16:21:59Z
       
       1 likes, 0 repeats
       
       @cR0w David Attenborough voice:&quot;As a sign of cooperation, the wild server offers a reciprocal &#39;root on first use&#39; to the user&#39;s &#39;trust on first use&#39;...&quot;
       
 (DIR) Post #AvCOovPxmLeDEedayW by moira@mastodon.murkworks.net
       2025-06-16T20:10:21Z
       
       1 likes, 0 repeats
       
       @cR0w
       
 (DIR) Post #AvCbiKMRwNIvyNB84G by 3v1n0@fosstodon.org
       2025-06-16T22:44:18Z
       
       0 likes, 0 repeats
       
       @lanodan @cR0w it does.There&#39;s no other way the user group can be initialized, unless you know the code better.
       
 (DIR) Post #AvCbiLjWq3MMEEz4gC by lanodan@queer.hacktivis.me
       2025-06-16T22:51:31.103316Z
       
       0 likes, 0 repeats
       
       @3v1n0 @cR0w There&#39;s a difference between initializing a struct to safe values when it&#39;s declared, and ending up going through /current/ branches to see if it can fail.