Add note about Debian Buster

Since Debian Buster, `sh` drops SUID privileges unless the `-p` option is
passed, thus behaving like Ubuntu.
Andrea Cardaci 2019-08-14 17:54:19 +02:00
parent 391d436fc5
commit 2a2d2f2e4a

@ -69,8 +69,9 @@ suid:
description: |
It runs with the SUID bit set and may be exploited to access the file
system, escalate or maintain access with elevated privileges working as a
SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems
like Debian that allow the default `sh` shell to run with SUID privileges.
SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on
systems like Debian (<= Stretch) that allow the default `sh` shell to run
with SUID privileges.
sudo:
label: Sudo
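Review bot: The reworded `suid` description, at "omit the `-p` argument on systems like Debian (<= Stretch)", still only says where `-p` can be dropped and leaves the Buster case to be inferred. The commit message states that since Buster `sh` drops SUID privileges unless `-p` is passed, as on Ubuntu, but that sentence never reaches the rendered description. Consider adding a clause such as "on Debian Buster and later, and on Ubuntu, `-p` is required" so the text is complete without the commit log.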
@ -90,5 +91,6 @@ limited-suid:
description: |
It runs with the SUID bit set and may be exploited to access the file
system, escalate or maintain access with elevated privileges working as a
SUID backdoor. If it is used to run commands it only works on systems
like Debian that allow the default `sh` shell to run with SUID privileges.
SUID backdoor. If it is used to run commands it only works on systems like
Debian (<= Stretch) that allow the default `sh` shell to run with SUID
privileges.
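Review bot: In the `limited-suid` description, "it only works on systems like Debian (<= Stretch)" scopes the statement by a codename comparison, which assumes the reader knows the Debian release order, and "systems like" is now ambiguous because the deciding property sits in the trailing relative clause. Consider leading with the condition and giving the release number, for example "it only works where the default `sh` keeps SUID privileges, such as Debian 9 (Stretch) and earlier". The same phrase appears in the `suid` description above, so the two should be worded identically to stay in sync.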