oss-sec mailing list archives
Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)
From: Bastian Blank <bblank () thinkmo de>
Date: Thu, 27 Jan 2022 14:29:06 +0100
On Thu, Jan 27, 2022 at 01:45:33PM +0100, Kai Lüke wrote:
An alternative to pkexec that is not setuid but also uses polkit auth is systemd-run (here is an attempt at mimicking the sudo UX: https://gist.github.com/pothos/73dd4f7694acc3b6bbed614438f6e2b1).
Or just "machinectl login .host".
Bastian
--
You! What PLANET is this!
-- McCoy, "The City on the Edge of Forever", stardate 3134.0
Current thread:
- pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Qualys Security Advisory (Jan 25)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Sam James (Jan 25)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Roman Medina-Heigl Hernandez (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Henri Salo (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Erik Auerswald (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Chris Boot (Jan 27)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Roman Medina-Heigl Hernandez (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Sam James (Jan 25)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Dominik Czarnota (Jan 26)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Kai Lüke (Jan 27)
- Re: pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) Bastian Blank (Jan 27)