**** BEGIN LOGGING AT Thu Feb 17 02:59:56 2022
Feb 17 03:51:55 <set_> Why is the kernel build for the BBB called omapN_defconfig?
Feb 17 03:58:43 <set_> Generally, the omapN section is why I am asking.
Feb 17 03:59:22 <set_> Dang it.
Feb 17 03:59:27 <set_> Forget it. 10:00.
Feb 17 03:59:31 <set_> Blah.
Feb 17 07:17:41 <zmatt>  /cl
Feb 17 08:55:54 <jfsimon1981> Hi g.morning
Feb 17 11:26:06 <set_> jfsimon1981: Hello!
Feb 17 11:26:21 <set_> It me, set_.
Feb 17 11:27:14 <set_> I chatted w/ you a while back. Anyway...I am up early and making this bot work w/ updated ideas. BBGW!
Feb 17 11:28:45 <set_> I am gettin' rusty.
Feb 17 11:30:18 <set_> on the server online: Internal Server Error. I might need to read up.
Feb 17 11:38:06 <set_> I am having tech. diff. Boo!
Feb 17 11:38:08 <set_> Brb!
Feb 17 17:41:58 <zmatt> ah nice, local privilege escalation exploit found in policykit... be sure to install your updates on desktop linux systems.  (policykit is not typically installed on headless systems, and in particular is not installed on the IoT images)
Feb 17 17:43:33 <zmatt> "polkit also supports non-Linux operating systems such as Solaris and *BSD, but we have not investigated their exploitability. However, we note that OpenBSD is not exploitable, because its kernel refuses to execve() a program if argc is 0."
Feb 17 17:43:40 <zmatt> wait, linux _does_ allow argc to be zero? o.O
Feb 17 17:43:44 <zmatt> why the fuck
Feb 17 21:24:36 <hnv> "This vulnerability has been hiding in plain sight for 12+ years"... it gives me goosebumps
Feb 17 22:28:59 <zmatt> it's easy for a vulnerability to hide in plain sight when it's due to behaviour that's not widely known
Feb 17 22:30:36 <zmatt> I wonder how many people were/are aware that argc can be zero in main(), it was news to me
Feb 17 22:31:45 <zmatt> hopefully this incident will get this weirdness fixed in the kernel
Feb 17 22:39:15 <set_> Does anyone know any of the side effects of this instance/vulnerability?
Feb 17 22:40:31 <zmatt> set_: "side effects" ?
Feb 17 22:40:52 <set_> Right, like...
Feb 17 22:40:58 <zmatt> in practice it's not a hugely important vulnerability
Feb 17 22:41:16 <set_> What would happen to a system if this "backdoor" was entered?
Feb 17 22:41:17 <set_> Oh.
Feb 17 22:41:54 <zmatt> people who have local access (as normal user) on a system with a vulnerable version of policykit can use it to gain root privileges
Feb 17 22:43:23 <set_> I am asking b/c I compiled a kernel and then installed it to cross-compile a system to the BBB. But on my main system, the dev. desktop, grub2 took over and created a single instance of OS. Then, my 'puter died out.
Feb 17 22:43:48 <zmatt> on desktop systems this is generally not that relevant since someone would still first need to have local access
Feb 17 22:43:56 <set_> Oh...okay. So, my issue is unrelated. Okay. Wozzers about the root privileges.
Feb 17 22:43:58 <set_> Right.
Feb 17 22:44:11 <zmatt> and on servers and clouds there's no reason for policykit to be installed at all
Feb 17 22:44:33 <set_> People would need password access. Oh. That makes sense. No wonder it went undetailed for so long.
Feb 17 22:44:54 <zmatt> that has absolutely nothing to do with how long it remained undetected
Feb 17 22:45:15 <set_> Oh. It was not detected. Okay, I thought they just put it "on the back burner."
Feb 17 22:45:25 <zmatt> ???
Feb 17 22:45:37 <set_> Like, "I will get to this later," type of idea.
Feb 17 22:46:08 <zmatt> no, you don't put a critical vulnerability that is trivial to fix (once you realize the vulnerability exists) "on the back burner"
Feb 17 22:46:23 <zmatt> well, not critical... still major
Feb 17 22:46:49 <zmatt> it may be critical for some systems I guess, but I suspect they'll be pretty rare
Feb 17 22:47:17 <set_> Okay. Yes sir, that makes sense b/c people w/out sudo access or root privileges should not have it unless granted.
Feb 17 23:16:18 <hnv> a successful `apt-get changelog policykit-1 | grep CVE-2021-4034` is a good sign right?
Feb 17 23:17:55 <zmatt> should be yes
Feb 17 23:18:00 <zmatt> or just check the installed package version
Feb 17 23:18:39 <zmatt> (the fix is in 0.105-31.1, 0.105-25+deb10u1, and 0.105-18+deb9u2)
Feb 17 23:22:23 <zmatt> heh, apparently polkit had another local privilege escalation vuln last year (CVE-2021-3560)
Feb 18 00:13:04 <set_> @zmatt: I am not sure if you remember my old bot but I am reviving its "juices." Anyway, I am built to the brim but I am receiving erros. Will you please look at this paste: https://pastebin.com/8HVn86Hz ?
Feb 18 00:13:18 <set_> It seems I do not have permission to handle gpio on my BBGW.
Feb 18 00:28:24 <set_> Scratch that...It seems there was a file I needed to install in a particular place.
Feb 18 01:29:16 <zmatt> ?
Feb 18 01:29:38 <zmatt> this looks more like some uwsgi setup problem
Feb 18 01:30:27 <zmatt> e.g. running as the wrong user
Feb 18 01:30:39 <zmatt> that would be my guess anyway
Feb 18 01:31:52 <zmatt> why are you using uwsgi anyway?  using flask's internal server is probably more convenient for your simple needs
Feb 18 01:32:27 <set_> Oh. Okay...no issue. Oh, you are right. I just got used to it. I was updating some old bot stuff w/ the new images so I can make an updated post.
Feb 18 01:32:39 <set_> I guess I can use flask instead.
**** ENDING LOGGING AT Fri Feb 18 02:59:56 2022