Hacker News new | past | comments | ask | show | jobs | submit login

Very serious or minor annoyance? "college campuses" don't strike me as the kind of places where any security issues are considered "very serious".



this LPE would allow anyone to install a kext rootkit on the machine. how is that not serious?


Why is that significantly more serious than them running any other backdoor as a normal user?

I don't understand the threat model here, it is always completely unreasonable to expect that an attacker wouldn't easily be able to escalate privileges locally in a multi-user system.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: