The poisoned NUL byte, 2014 edition (Project Zero)
Posted Aug 27, 2014 8:00 UTC (Wed) by smcv (subscriber, #53363)
In reply to: The poisoned NUL byte, 2014 edition (Project Zero) by spender
Parent article: The poisoned NUL byte, 2014 edition (Project Zero)
pkexec is a controlled-privilege-escalation tool, like su or sudo. It needs to be able to do whatever privileged things its user wants it to do.
If the SELinux approach to that is "su/sudo/pkexec still shouldn't be able to chroot(2), but non-setuid tools that actually need to chroot like chroot(8) or schroot(8) should be able to, and su/sudo/pkexec should be able to run them" then fine; but if su is expected to be fully-privileged, then pkexec should be too.