:: Re: [DNG] Beware
Startseite
Nachricht löschen
Nachricht beantworten
Autor: Adam Borowski
Datum:  
To: dng
Betreff: Re: [DNG] Beware
On Tue, Jan 19, 2016 at 04:09:10PM +0000, Rainer Weikusat wrote:
> Steve Litt <slitt@???> writes:
> > Beware:
> >
> > http://www.networkworld.com/article/3023447/security/linux-zero-day-affects-most-androids-millions-of-linux-pcs.html
>
> Just another local privilege escalation. May enable users to gain
> control of their own Android devices (imminent end of the world
> predicted!) and affect setups where untrusted users are able to execute
> arbitrary code as themselves.


While rooting locked-down Androids is a good think, one shouldn't play down
the severity of local exploits. While in a number of scenarios the game is
already lost without the attacker gaining root, they're not use cases.

But a kernel vulnerability differs from any other patched security issue
only by the need to reboot after "apt-get upgrade".

--
A tit a day keeps the vet away.