Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
armitron
on March 30, 2024
|
parent
|
context
|
favorite
| on:
XZ backdoor: "It's RCE, not auth bypass, and gated...
> Bypassing ssh auth means getting a root shell
Only if you're allowed to login as root, which is definitely not the case everywhere.
juliusdavies
on March 30, 2024
|
next
[–]
My sense was this backdoor gets to execute whatever it wants using whatever "user" sshd is running as. So even if root logins are disabled, this backdoor doesn't care.
colinsane
on March 30, 2024
|
prev
|
next
[–]
not only that, but logins show up in logs.
wepple
on March 31, 2024
|
prev
[–]
Plus, detection is likely to be be very different.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Only if you're allowed to login as root, which is definitely not the case everywhere.