JohnCoatesOSS / Limitless

Fork of Cydia. Different name to avoid confusion. Goal: Refactor Cydia to make contributions easier. Backport features to Cydia's coding style so they can be submitted for consideration.
GNU General Public License v3.0

runAsSuperUser exploit #103

Closed nerdtron123 closed 7 years ago

nerdtron123 commented 7 years ago

It seems to run any command as root, or dpkg binaries as root, allowing us to do postinst scripts via malicious code, etc.

JohnCoates commented 7 years ago

postinst scripts already run as root, so what would runAsSuperUser allow for that a regular postinst can't do?

nerdtron123 commented 7 years ago

Allowing us to execute that anywhere we want.

JohnCoates commented 7 years ago

For example?

nullpixel commented 7 years ago

lol that doesn't make sense

nerdtron123 commented 7 years ago

With your runAsSuperuser binary, people can run commands as root from any user.

On Friday, April 21, 2017, Jamie Bishop notifications@github.com wrote:

lol that doesn't make sense


nullpixel commented 7 years ago

They can do that anyway in postinst, just su?

nerdtron123 commented 7 years ago

But any application without a sandbox can do priv esc. If you see how Cydia is designed, it's only allowed from the Cydia binary.

On Sat, Apr 22, 2017 at 6:34 AM, Jamie Bishop notifications@github.com wrote:

They can do that anyway in postinst, just su?


JohnCoates commented 7 years ago

@nerdtron123 I've seen how Cydia designed it, but it's a moot point. Anything you install through Cydia can already run root commands. When you SSH into the device you're already running root. What's the attack vector you're envisioning?
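As an added illustration of the design point argued over in the two comments above (a privileged helper that only does a bounded set of things versus one that runs anything as root), and not code from Limitless or Cydia: a setuid-root helper that executes only an allow-listed absolute path, with a fixed argument limit and a scrubbed environment. The allow-list, MAX_ARGS, check_request and exec_as_root are assumptions for this example.

```c
/*
 * Added example, not code from Limitless or Cydia: a setuid-root helper that
 * refuses to be a general "run anything as root" gadget for any local process.
 * The allow-list, MAX_ARGS and the function names are assumptions here.
 */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

#define MAX_ARGS 16

/* Policy outcome for a requested command line. */
enum policy {
    ALLOW = 0,
    DENY_EMPTY,         /* no program given */
    DENY_TOO_MANY,      /* more than MAX_ARGS entries */
    DENY_NOT_ABSOLUTE,  /* relative path: would be resolved via caller-controlled cwd/PATH */
    DENY_NOT_LISTED,    /* absolute path but not on the allow-list */
    DENY_BAD_ARG        /* argument contains control characters */
};

/* Hypothetical allow-list: the only absolute paths this helper will exec as root. */
static const char *const ALLOWED[] = {
    "/usr/bin/dpkg",
    "/usr/bin/apt-get",
    NULL,
};

/* Decide whether argv (argc entries, argv[0] = program path) may run as root.
 * Exact string match only: no PATH lookup and no relative paths, so "dpkg",
 * "./dpkg" or "/bin/sh" are all refused. */
enum policy check_request(int argc, char *const argv[]) {
    if (argc < 1 || argv[0] == NULL || argv[0][0] == '\0')
        return DENY_EMPTY;
    if (argc > MAX_ARGS)
        return DENY_TOO_MANY;
    if (argv[0][0] != '/')
        return DENY_NOT_ABSOLUTE;

    int listed = 0;
    for (const char *const *p = ALLOWED; *p != NULL; p++) {
        if (strcmp(*p, argv[0]) == 0) { listed = 1; break; }
    }
    if (!listed)
        return DENY_NOT_LISTED;

    /* Refuse arguments carrying control characters (newlines, escapes, DEL). */
    for (int i = 1; i < argc; i++) {
        if (argv[i] == NULL)
            return DENY_BAD_ARG;
        for (const char *c = argv[i]; *c != '\0'; c++) {
            if ((unsigned char)*c < 0x20 || *c == 0x7f)
                return DENY_BAD_ARG;
        }
    }
    return ALLOW;
}

/* Run an approved request as root with a minimal environment, so that
 * caller-controlled variables (LD_*, DYLD_*, PATH) never reach the root
 * process. Returns only on failure; needs the setuid-root bit to succeed. */
static int exec_as_root(int argc, char *const argv[]) {
    if (check_request(argc, argv) != ALLOW)
        return -1;
    if (setgid(0) != 0 || setuid(0) != 0)
        return -1;
    char *const envp[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };
    execve(argv[0], argv, envp);
    return -1;
}

int main(int argc, char *argv[]) {
    if (argc < 2) {
        fprintf(stderr, "usage: %s /absolute/path [args...]\n", argv[0]);
        return 2;
    }
    enum policy p = check_request(argc - 1, argv + 1);
    if (p != ALLOW) {
        fprintf(stderr, "refused (policy %d)\n", (int)p);
        return 1;
    }
    return exec_as_root(argc - 1, argv + 1) == 0 ? 0 : 1;
}
```

The contrast with an unrestricted wrapper is the whole point: if any process running as `mobile` can hand the helper `/bin/sh -c ...`, the helper is the privilege boundary and it is not enforcing one. Tying the helper to a particular calling binary (what the thread attributes to Cydia's design) is not shown here because a check on the parent's executable path is hard to make robust against another process at the same uid; bounding what root will execute is the check that does not depend on who asked.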

nerdtron123 commented 7 years ago

Means people can attack other people with Limitless, if they're outside of the sandbox on mobile or w/e.

On Fri, May 5, 2017 at 3:03 PM, John Coates notifications@github.com wrote:

@nerdtron123 https://github.com/nerdtron123 I've seen how Cydia designed it, but it's a moot point. Anything you install through Cydia can already run root commands. When you SSH into the device you're already running root. What's the attack vector you're envisioning?


JohnCoates commented 7 years ago

I'm closing this since I can't see a way someone can run a command on an iOS device but be limited to mobile. If you can think of a way that isn't extremely vague, let me know.