Comment 9 for bug 1813365
Revision history for this message
| Chris Moberly (chris.moberly) wrote Re: Local privilege escalation in default Ubuntu installations | #9 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Wow, this was a fast response. Definitely the most pleasant disclosure experience I have had. Great work!
This does appear to fix the issue.
I know very little about golang myself, though, and I am still curious as to why this line is necessary:
```
return fmt.Sprintf(
```
The pid, uid, and socket variables are already set nicely by the standard library. Is there a reason to concatenate them into this string and then pull them apart again later? Would it not be easier and safer to simply pass the object as is and continue to reference them individually?
I'm sure there is probably some other requirement that I just don't see.
Anyway, again great work and thank your for being so kind and addressing this so quickly.
Have a great weekend!
- Chris