←back to thread

Run0, a systemd based alternative to sudo, announced

(mastodon.social)
466 points CoolCold | 1 comments | 29 Apr 24 23:59 UTC | HN request time: 0.279s | source
1. TheDong ◴[02 May 24 05:14 UTC] No.40232920[source]
That "hack" uses reptyr to attach to the existing pty, which requires ptrace permissions.

The same "hack" can be done against sudo if you ptrace attach to the shell that started sudo.

This isn't a new issue. It's well known that if 'user1' has ptrace permissions, they can ptrace other processes for 'user1', and thus 'user1' can compromise 'user1'. If 'use1r' is also running sudo or run0 or anything else sensitive, it follows that the thing in the tweet is possible.

This would be an issue if 'user2' could take over 'user1's pty or such.