this post was submitted on 30 Apr 2026
183 points (97.9% liked)

Technology

84256 readers
5754 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
183
There is a new linux vulnerability that allows every unprivileged user to become root super easily (copy.fail)
submitted 21 hours ago by Zenlix@lemmy.ml to c/technology@lemmy.world
14 comments fedilink hide all child comments
top 14 comments
sorted by: hot top controversial new old
[–] corsicanguppy@lemmy.ca 5 points 10 hours ago (1 children)

Only if you enable the mode for rootless containers. If you run more safe, this thing is apparently impotent.

No containers here, no cry.

[–] timwa@lemmy.snowgoons.ro 5 points 9 hours ago

Where are you getting that from? That's not the case at all.

[–] MasterNerd@lemmy.zip 13 points 13 hours ago (1 children)

Hmm seems like that report is AI generated

[–] thesmokingman@programming.dev 5 points 9 hours ago

It is. The vuln itself was found with guidance of an AI tool. Doesn’t make the vuln any less bad. Does make Xint look really shitty for constantly shilling with boilerplate AI instead of a good human analysis (or at least something above boilerplate).

[–] Corngood@lemmy.ml 23 points 15 hours ago (2 children)

It feels weird that it has it's own domain name and slogan. I get that there's a promotional aspect to it, but it seems a bit much.

[–] Rossphorus@lemmy.world 8 points 10 hours ago

This is not uncommon for high-profile CVEs. For example, brokenwire.fail, heartbleed.com, spectreattack.com, etc..

[–] bookmeat@fedinsfw.app 4 points 13 hours ago

They had a month to set it up.

[–] bjoern_tantau@swg-empire.de 57 points 21 hours ago (2 children)

Ugh, another new "sudo" clone.

[–] corsicanguppy@lemmy.ca 5 points 10 hours ago

They rolled their own ~~encryption~~ sudo.

[–] ryannathans@aussie.zone 28 points 20 hours ago (1 children)

Much smaller than sudo

[–] RiceMunk@sopuli.xyz 33 points 19 hours ago (1 children)

surprise new linux feature: Much more space-efficient sudo command

[–] LedgeDrop@lemmy.zip 11 points 17 hours ago (1 children)

... 'cause I always keep forgetting my password.

I am curious to see if/how this'll open up some android devices.

[–] Codilingus@piefed.social 5 points 12 hours ago

My brain was too moosh for the technical reading, but I saw GrapheneOS say they're immune to it. So probably not good for regular Android, lol.

[–] Dadifer@lemmy.world 30 points 20 hours ago

In the writeup, they say there's multiple other vulnerabilities on this attack surface, but they're still working on responsible disclosure.