logoalt Hacker News

tptacektoday at 1:27 AM2 repliesview on HN

This is such a venerable and ancient class of bugs, going at least as far back as AIX 3. Glad to see they're still makin' 'em like they used to.

(If you had SSH access to a host in your Tailscale ACL, you could log in as `-i` and get a root login.)


Replies

RossBencinatoday at 2:57 AM

I'm somewhat alarmed that the context that this bug was running in was capable of root login. Is there a reason that an SSH login process would, by default, have enough capabilities to facilitate direct root login?

show 2 replies
iririririrtoday at 2:43 AM

you can also add parameters to env vars in some popular cloud providers for the same effect.