seba_dos1 an hour ago

Anyone who sees Copy Fail and chooses to focus on the way the example exploit happens to gain root is just showing how unimaginative they are.

In the pre-container hype era, the sysadmin where I used to work gave us write access to nginx.conf on work machines to facilitate development. I used it paired with an XSLT template to gain root access, so I could install things without having to go through the sysadmin - all thanks to a single config file for a webserver and without relying on any kind of security bugs in there. This vulnerability makes all sorts of stuff that was supposed to be shared read-only with the container actually sorta writable, so the blast radius is going to be enormous in many contexts, even when not as universally trivially exploitable as with the "su" example.

e12e 12 minutes ago | parent [-]

Wait, nginx ran as root?

seba_dos1 8 minutes ago | parent [-]

It's usually launched as root and then drops its privileges for its workers. Unless... ;)
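
An added example, not part of the thread or any commenter's code: a defensive audit of the condition discussed above, where a config file read by a root-launched nginx master is writable by non-root users or tells the workers to keep root. The sample config, the uid and mode values, and the function names are constructed for illustration.

```python
import os
import stat

# Constructed sample config, not taken from the thread.
SAMPLE_CONF = """\
# user www-data;   (commented out, must be ignored)
user root;
events { worker_connections 1024; }
http {
    server { listen 8080; }
}
"""

def worker_user(conf_text):
    """Return the account named by the main-context `user` directive, or None."""
    depth = 0
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # naive comment strip; '#' in quotes not handled
        tokens = line.rstrip(";").split()
        if depth == 0 and line.endswith(";") and len(tokens) >= 2 and tokens[0] == "user":
            return tokens[1]
        depth += line.count("{") - line.count("}")
    return None

def audit(conf_text, st_uid, st_mode):
    """List reasons this config is a privilege boundary that non-root users can cross."""
    findings = []
    if st_uid != 0:
        findings.append("config not owned by root")
    if st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("config writable by group or others")
    if worker_user(conf_text) == "root":
        findings.append("workers keep root (user root;)")
    return findings

def audit_path(path):
    """Audit one file on disk; files pulled in via `include` are not followed."""
    st = os.stat(path)
    with open(path) as f:
        return audit(f.read(), st.st_uid, st.st_mode)

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, 1000, 0o100664):
        print("FINDING:", finding)
```

Run `audit_path` over the main config and every file it includes, since a writable include carries the same risk as a writable nginx.conf.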