mirror of
https://github.com/mynodebtc/mynode.git
synced 2024-12-24 13:38:11 +00:00
Mitigate PwnKit vulnerability by removing setuid bit from /usr/bin/pkexec (#622)
https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
This commit is contained in:
parent
ffb7b58e21
commit
e58bf35123
|
@ -47,6 +47,8 @@ if ! skip_base_upgrades ; then
|
||||||
# Migrate from version file to version+install combo
|
# Migrate from version file to version+install combo
|
||||||
/usr/bin/mynode_migrate_version_files.sh
|
/usr/bin/mynode_migrate_version_files.sh
|
||||||
|
|
||||||
|
# PwnKit vulnerability mitigation
|
||||||
|
chmod 0755 /usr/bin/pkexec
|
||||||
|
|
||||||
# Stop and disable any old services
|
# Stop and disable any old services
|
||||||
systemctl disable https || true
|
systemctl disable https || true
|
||||||
|
|
Loading…
Reference in New Issue
Block a user