and in the examples in the blogpost, there is no privilege boundary at all; you could just as well just modify the original program
privesc LD_PRELOAD is not a problem, only part of symptoms. not clearing environment in a setuid binary is the actual issue
(also, the "Sandbox unsafe applications" part of that post is nonsense, an application can just call syscalls directly)