14 votes

How to get root on Ubuntu 20.04 by pretending nobody’s /home

1 comment

  1. Deimos
    (edited )
    Link
    This is a great post. A lot of security articles are convoluted and difficult to follow unless you're already extremely familiar with the tech they're related to (which makes sense, since the...

    This is a great post. A lot of security articles are convoluted and difficult to follow unless you're already extremely familiar with the tech they're related to (which makes sense, since the exploits are usually not simple either). But this one is straightforward and the explanation walks through all the pieces of it, what they do, and why it ends up working.

    The vulnerability itself wasn't too severe since it requires access to the graphical desktop, but it's an interesting find anyway. I think this makes a great example of how vulnerabilities can happen through strange, unexpected interactions between different systems, even though the way they work individually seems totally reasonable.

    7 votes