this post was submitted on 30 Apr 2026

161 points (98.8% liked)

Linux

13493 readers

469 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev

161

The same 732-byte Python script roots every Linux distribution shipped since 2017 (copy.fail)

submitted 1 day ago* (last edited 1 day ago) by not_IO@lemmy.blahaj.zone to c/linux@programming.dev

29 comments fedilink hide all child comments

woaw

also a good blog post about it https://xint.io/blog/copy-fail-linux-distributions

you are viewing a single comment's thread
view the rest of the comments

[–] Lee@retrolemmy.com 6 points 1 day ago (1 children)

While the POC requires su, the underlying flaw potentially works on any setuid binary on systems with AF_ALG enabled (provided there isn't something else preventing it).

[–] Pika@sh.itjust.works 4 points 1 day ago* (last edited 1 day ago)

In android this would very likely be the "mount" command, as if it has a microsd card reader or the ability to use a USB data transfer I expect it's using mount in order to do so.