One of my devs didn't understand how his new code was subject to a code injection attack. So another one wrote a harmless PoC to demonstrate it. First dev misunderstood and thought it couldn't lead to anything dangerous. So second dev used dd if=/dev/random of=/dev/sda as an example, intending the first dev to try it out in a local Docker image, which he did.
Then he wanted to see if it would work in staging… and now he's learning how to rebuild our staging env (the relevant part of which is still on bare metal…)
calcifer (in reply to silverwizard):
@silverwizard not really a privsep issue; the component in question is a tiny thing that runs as root for one function that requires it. It was exploitable as a normal user. It was already blocked from merging to prod, dev was just trying to figure out if it worked in a realistic environment and didn't think it through.
Vulns don't respect privsep 🤣