this post was submitted on 30 Apr 2026
175 points (98.3% liked)

Technology

84225 readers
3726 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
175
There is a new linux vulnerability that allows every unprivileged user to become root super easily (copy.fail)
submitted 14 hours ago by Zenlix@lemmy.ml to c/technology@lemmy.world
14 comments fedilink hide all child comments
top 14 comments
sorted by: hot top controversial new old
[–] corsicanguppy@lemmy.ca 5 points 3 hours ago (1 children)

Only if you enable the mode for rootless containers. If you run more safe, this thing is apparently impotent.

No containers here, no cry.

[–] timwa@lemmy.snowgoons.ro 4 points 2 hours ago

Where are you getting that from? That's not the case at all.

[–] MasterNerd@lemmy.zip 12 points 6 hours ago (1 children)

Hmm seems like that report is AI generated

[–] thesmokingman@programming.dev 4 points 2 hours ago

It is. The vuln itself was found with guidance of an AI tool. Doesn’t make the vuln any less bad. Does make Xint look really shitty for constantly shilling with boilerplate AI instead of a good human analysis (or at least something above boilerplate).

[–] Corngood@lemmy.ml 21 points 8 hours ago (2 children)

It feels weird that it has it's own domain name and slogan. I get that there's a promotional aspect to it, but it seems a bit much.

[–] Rossphorus@lemmy.world 6 points 3 hours ago

This is not uncommon for high-profile CVEs. For example, brokenwire.fail, heartbleed.com, spectreattack.com, etc..

[–] bookmeat@fedinsfw.app 4 points 6 hours ago

They had a month to set it up.

[–] Dadifer@lemmy.world 28 points 13 hours ago

In the writeup, they say there's multiple other vulnerabilities on this attack surface, but they're still working on responsible disclosure.

[–] bjoern_tantau@swg-empire.de 53 points 14 hours ago (2 children)

Ugh, another new "sudo" clone.

[–] corsicanguppy@lemmy.ca 3 points 3 hours ago

They rolled their own ~~encryption~~ sudo.

[–] ryannathans@aussie.zone 26 points 13 hours ago (1 children)

Much smaller than sudo

[–] RiceMunk@sopuli.xyz 31 points 12 hours ago (1 children)

surprise new linux feature: Much more space-efficient sudo command

[–] LedgeDrop@lemmy.zip 9 points 10 hours ago (1 children)

... 'cause I always keep forgetting my password.

I am curious to see if/how this'll open up some android devices.

[–] Codilingus@piefed.social 4 points 5 hours ago

My brain was too moosh for the technical reading, but I saw GrapheneOS say they're immune to it. So probably not good for regular Android, lol.