mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-12-04 05:20:30 +00:00
Documentation: Inform people that anon
can su
to root
by default
\0 pointed out that this is not mentioned anywhere, technically making it a "local privilege escalation" bug. This patch adds it to the documentation, and I've also paid out the first $5 bounty to the "Kiwis for Kiwi" charity as per \0's request! http://serenityos.org/bounty/kiwis4kiwi.png
This commit is contained in:
parent
06aec9667e
commit
ec91d2eb9f
Notes:
sideshowbarker
2024-07-19 08:03:35 +09:00
Author: https://github.com/awesomekling Commit: https://github.com/SerenityOS/serenity/commit/ec91d2eb9fe
1 changed files with 3 additions and 0 deletions
|
@ -60,6 +60,9 @@ Once you've built the toolchain, go into the `Kernel/` directory, then run
|
|||
**./makeall.sh**, and if nothing breaks too much, take it for a spin by using
|
||||
**./run**.
|
||||
|
||||
Note that the `anon` user is able to become `root` without password by default, as a development convenience.
|
||||
To prevent this, remove `anon` from the `wheel` group and he will no longer be able to run `/bin/su`.
|
||||
|
||||
Bare curious users may even consider sourcing suitable hardware to [install Serenity on a physical PC.](https://github.com/SerenityOS/serenity/blob/master/INSTALL.md)
|
||||
|
||||
Later on, when you `git pull` to get the latest changes, there's no need to rebuild the toolchain. You can simply rerun **./makeall.sh** in the `Kernel/` directory and you'll be good to **./run** again.
|
||||
|
|
Loading…
Reference in a new issue