alt Hacker NewsAfter all these years, we finally have enough eyeballs that all bugs are shallow, and it kinda sucks. How many times a week am I going to be updating my kernel from now on?
Replies
midtake • today at 7:19 AM
I sort of always expect there to be an LPE to root on Linux tbh, if anything this is great news and Linux might be a useful multiuser system after all.
bjackman • today at 6:10 AM
Updating your kernel isn't good enough, it never was.
Native unsandboxed execution == root. Only thing that's new is some people started making websites for their LPEs.
https://github.com/google/security-research/tree/master/pocs...
baq • today at 7:22 AM
With how things are going the question should be ‘is twice a day often enough?’
➕ show 1 reply
brcmthrowaway • yesterday at 11:53 PM
So you think someone is going to break into your house, find your default credentials somehow and get root access?
➕ show 2 replies
I haven't updated mine. I have a firewall and it's not exposed to the Internet. Need a key to SSH in. Same with my public facing server. Almost none of these exploits are "drop everything now and patch" unless you are somehow exposing yourself stupidly.