Pwnkit: Local Privilege Escalation in polkit’s pkexec (CVE-2021-4034)

Source: Hacker News

Article note: Group ownership of hardware assets wasn't modern enough or something, so we got polkit and it's constant weird state and js/xml config nightmare. ...and the parser that broke is pkexec's sloppy handling of argv.
Comments
This entry was posted in News. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *