everyone screams microkernel when a new LPE appears but why are we not trying to fix the horrid linux permission system that even allows this to branch out into full root access?
Both dirtyfrag and copy.fail relied on a setuid binary to gain root access. Why is setuid still a thing?? The idea of letting a binary set itself to run as whatever user it wants is so backwards it should've been killed years ago but instead we let this happen every time
yes, a microkernel is the way to go for the future, but that will take time, a very very long time, let's work on solutions to get rid of insane pitfalls like setuid first
but yeah setuid sucks
@navi@social.vlhl.dev @rose@snac.pinkro.se what also bothers me a lot is that we have a dozen filesystem drivers but everything is shoehorned into a unixoid hierarchical filesystem that doesn't work too well for either computers or humans
and then checksums, tags, extended attributes, deduplication, per-project quotas and per-user encryption are all bolted on in crappy ways, not to mention the databases that struggle to achieve ACID because they have to work with a terrible storage abstraction through a terrible syscall interface
@navi@social.vlhl.dev @rose@snac.pinkro.se we all see the huge pile of dirty dishes and we all dread having to clean them, but at some point there won't be any spoons left in the drawer and the mess can no longer be coped with
at this point it's probably just sunk cost fallacy for most people
just keep buying more plastic spoons, it's cheaper than having to scrub month-old dishes
CC: @navi@social.vlhl.dev