bestouff
3 hours ago
Lots of privilege escalations these days. But are there that many multiuser Linux systems nowadays ? I'm under the impression the whole landscape is either servers or single-user desktops (and ofc Android phones).
dathinab
an hour ago
> many multiuser Linux systems nowadays
not relevant IMHO
we don't live anymore in a time where you can trust that local apps do not misbehave, and in such a context LPE is pretty bad even in a single user system
just thing about all the supply chain problems of recent times
zahlman
2 hours ago
I impersonate multiple users on my machine for organizational reasons.
LPEs also potentially make user-level malware into system-level malware, which is only marginally more impactful for a single person on a desktop, but considerably harder to clean up. (It also broadens the range of what such malware could exfiltrate from me.)
riedel
an hour ago
Many university HPC clusters are run multiuser. At least login nodes.
INTPenis
2 hours ago
The idea is that you can exploit a service hosted on Linux to run these.