Sujet : Re: Yet Another New systemd Feature
De : invalid (at) *nospam* invalid.invalid (Richard Kettlewell)
Groupes : comp.os.linux.miscDate : 09. May 2024, 00:20:53
Autres entêtes
Organisation : terraraq NNTP server
Message-ID : <wwvr0ecuere.fsf@LkoBDZeT.terraraq.uk>
References : 1 2 3 4 5 6 7 8 9 10 11 12
User-Agent : Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
The Natural Philosopher <
tnp@invalid.invalid> writes:
Richard Kettlewell wrote:
The Natural Philosopher <tnp@invalid.invalid> writes:
On 07/05/2024 23:01, Richard Kettlewell wrote:
I don’t think I said “panacea”. But it’s pretty obvious that
eliminating them would close down an entire attack class. That’s
worth a lot, and steps toward it should be welcomed.
>
How many serious attacks have been successfully launched using 'sudo'?
Obviously impossible to say.
How many serious attacks have been detected and were successfully
launched using 'sudo'?
Again, obviously impossible to say.
I don’t have any more access to incident reports from targets (or
attackers l-) than you do. What I can do in their absence is assess the
risk associated with various APIs, components, configurations, etc,
based on understanding of how they work, direct and indirect experience
over the last few decades, and so on. Reasonable people can certainly
disagree about that assessment but the poor availability of evidence of
actual compromises is a hopeless foundation for any conclusions.
-- https://www.greenend.org.uk/rjk/