[ale] CRITICAL LINUX FLAW OPENS THE DOOR TO FULL ROOT ACCESS (RHE)
Jim Kinney
jim.kinney at gmail.com
Tue May 22 18:06:51 EDT 2018
Starting to sound more like a troll with each post on this. Might want
to step back and take long, slow, deep breath.
Of course the secret society _I'M_ in wrote a systemd plugin that scans
for specific usernames and promptly fails to start random portion based
on the database. Litt is in the database of course. Just cat
/proc/sys/kernel/shmmax_perf. Any value higher than 0 is the database
key value found. If the register doesn't show up at all, your ID is on
the list and you are blocked from ever having a working systemd
installation. Mark Shuttleworth personally signed off on this. I was
quite surprised.
On Tue, 2018-05-22 at 16:54 -0400, Steve Litt via Ale wrote:
> On Sun, 20 May 2018 20:56:08 -0400Solomon Peachy <pizza at shaftnet.org>
> wrote:
> On Sun, May 20, 2018 at 08:33:45PM -0400, Steve Litt via Ale wrote:
> So I let others say it. And isn't it interesting that the
> botchedshellscript and systemd are from the same folks, and they're
> thefolks who have no problem at all with bringing complexity
> toGNU/Linux (soon to be systemd/Linux).
> Nevermind this bug predates systemd's existence, isn't the first time
> it's happened [1], and this particular issue (and the entire class)
> wouldn't have occurred had systemd's networking infrastructure beenin
> use.
> I get you don't like systemd, but please, stick to the actual facts?
> Fact: The botched shellscript and systemd ARE from the same
> folks,Redhat, just like I said. I was sticking to the facts.
> Fact: I never said anything about which predated the other, but as
> longas we're playing the predating game, this smoking gun predates
> systemd:
> http://asay.blogspot.ru/2006/10/interview-with-red-hat-cto-brian.html
> Complexity as a profit center, straight from the mouth of the then
> RHCTO. We always knew about the means and opportunity, now we see,
> for aFACT, the motive. Direct from a top Redhat exec. Perhaps if
> they'd spentless juice complexifying systemd, they could have QA'ed
> theirshellscripts.
> SteveT
> Steve Litt June 2018 featured book: Twenty Eight Tales of
> Troubleshootinghttp://www.troubleshooters.com/28
>
> _______________________________________________Ale mailing
> listAle at ale.orghttps://mail.ale.org/mailman/listinfo/aleSee JOBS,
> ANNOUNCE and SCHOOLS lists athttp://mail.ale.org/mailman/listinfo
--
James P. Kinney III
Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
http://heretothereideas.blogspot.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20180522/d03961fd/attachment.html>
More information about the Ale
mailing list