hohn/codeql-sample-polkit
1
0
Fork 0
mirror of https://github.com/hohn/codeql-sample-polkit.git synced 2025-12-16 22:03:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add WIP note

Browse Source
This commit is contained in:
Michael Hohn
2022-02-14 14:16:25 -08:00
committed by =Michael Hohn
parent f3a4b6cd36
commit 6895d36d12
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.org
View File

@@ -1,6 +1,12 @@
# -*- coding: utf-8 -*-
* The polkit pkexec bug
This is *work in progress*:
- [X] the polkit source / database build are complete
- [ ] codeql query development
- [ ] command-line instructions
The Polkit pkexec bug [[https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034][(CVE-2021-4034)]]
starts from an array bounds error w.r.t. argv and
builds on that. The out-of-bounds part of the problem is something we
@@ -284,7 +290,7 @@
VS Code plugin. For both cases, install the cli (see the =grab()= function
above) and download or build the codeql databases.
In the following, we assume this directory strucuture for the databases:
In the following, we assume this directory structure for the databases:
#+BEGIN_SRC text
cd ~/local/polkit
tree -L 2 -n