[HN Gopher] Privilege escalation with polkit: How to get root on...
       ___________________________________________________________________
        
       Privilege escalation with polkit: How to get root on Linux with a
       seven-year-ol
        
       Author : todsacerdoti
       Score  : 64 points
       Date   : 2021-06-10 16:01 UTC (7 hours ago)
        
 (HTM) web link (github.blog)
 (TXT) w3m dump (github.blog)
        
       | pietromenna wrote:
       | I simply love this kind of articles and writing style!
        
       | gnabgib wrote:
       | The versioning scheme of `pkexec` in Debian based Linuxes leaves
       | a little to be desired.. `pkexec --version` in Debian 10 and
       | Ubuntu 20 (server/minimal) both report `0.105` but according to
       | the article it's fine for `0.105-25` (Debian 10) and vulnerable
       | in `0.105-26` (Ubuntu >18).. but you can't find out from the CLI.
        
       | pdenton wrote:
       | Polkit version 0.119 fixes it, here's the diff:
       | https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13...
        
       | [deleted]
        
       | dane-pgp wrote:
       | > It's used by systemd, so any Linux distribution that uses
       | systemd also uses polkit.
       | 
       | I can't help imagining a distro developer looking out at systemd
       | across a lava field and saying:
       | 
       | "You were the chosen one! It was said that you would destroy the
       | badly designed legacy components, not join them!"
        
       ___________________________________________________________________
       (page generated 2021-06-10 23:01 UTC)