this post was submitted on 27 Sep 2024
42 points (100.0% liked)
Linux
5242 readers
124 users here now
A community for everything relating to the linux operating system
Also check out !linux_memes@programming.dev
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Basically an unauthenticated perl interpreter with root open to the network by default in most configurations across a couple decades.
It's about as bad as it can be?
Compared to the original claim that it was kernel level and spread across literally everything?
No, no its not as bad as it was originally claimed.
Is it bad? Yes. Is it kernel level bad? No. It can easily be mitigated before a fix is out by blocking 631 and dns-sd traffic. It is not as bad as it was claimed to be.
Is it common for cups to run as root? It should have its own user, but that is still not good.