Another Old Exploit Found in Many Linux Distros.

In this video I cover the polkit vulnerability recently uncovered that affects many desktop linux distros such as fedora ubuntu and linux mint

₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿








Bitcoin Cash

Etherum Classic

USD Coin

Subscribe to my YouTube channel
and be sure to click that notification bell so you know when new videos are released.

30 thoughts on “Another Old Exploit Found in Many Linux Distros.

  1. That's mostly GTK/GNOME'S fault, as other DE's don't need polkit, have their own policy manager or can work with whatever policy manager you have available.

  2. 1.You need a machine that you a have local access to or ssh.
    2.Ssh is password protected so on way or another you must be a user of a system in a first place.
    3.This bug is a local bug. No real danger for home users.
    4.In corporate server environments we do not even use gui nor gnome pol-kit shiped with gui elements so server wise it is BS.
    5.But let say you pull this of via gui or ssh on "company server", you will lost your job.
    6.Now You must tinkering with logs to hide this incredible achievement of yours, but if you delete them completely,
    you put it department in an red alert state, so there is a slight chance if you only delete few lines that points on your actions,
    and since it was found (the bug ) it is already patched.
    Think twice till you start scare people to get more views.
    Just because we do not use gentoo we are not morons, do not treat us as such.

  3. it's probably used because it allows for more strict policy/permission control over one application. I have tried relying only with sudo and su. And many programs actually requires it to be able to work as expected. The same goes with dbus, even though I did not need ipc.

  4. Linux: oh no polkit is vulnerable, let me just run sudo dnf update
    Windows: oh no, somethings broken (idk what), let me wait it a few minutes for the check for updates button to refresh so I can restart my entire computer and wait another 5 minutes

  5. I think that Linux was meant to be a desktop OS, but because Windows/DOS was easier to use at the time, people stayed with Windows/DOS and only enterprises moved from paid Unix to free Linux

  6. Priviledge escalation exploits on software that doesnt have the rights to manage priviledges is exceedingly rare. If there's going to be one, it's going to be in one managing priviledges. That's not odd, abnormal, or an exceptionally bad fail by any standard. It happens.

  7. 5:50 "(Linux was) originally meant to be a server (system)"
    What?? Linus made it for himself for desktop use. And although Linux took over server, he said he regrets that it didn't take over personal computers.

  8. The most important thing to take away from this is keep your systems updated. The Linux teams are VERY good at patching exploits in a timely manner (Unlike Redmond), so as long as you keep everything up to date, you'll be fine.

Leave a Reply

Your email address will not be published. Required fields are marked *