Alert Logic has dismissed criticism of its research into the Linux bug it named grinch. Last week, Alert Logic said that grinch exists in the new authorisation system that allows privilege escalation through Wheel, bypassing it by using the existing polkit authentication. “Wheel users have access to all system commands including the ability to install any package or code,” Stephen Coty, chief security evangelist at Alert Logic said. “We can abuse the user’s...
Read more