Comment on First Apple M5 memory exploit discovered using Anthropic AI, gives root access on MacOS
artyom@piefed.social 3 weeks agotrick a user into running
That doesn’t sound like an exploit at all. You can “trick a user” into running sudo rm -rf as well. That’s not an exploit.
kungen@feddit.nu 3 weeks ago
If you can get root as a standard user, without providing your password, it is indeed an exploit.
artyom@piefed.social 3 weeks ago
If in order to get root, you just convince another user to give it to you, that is not an exploit.
kungen@feddit.nu 3 weeks ago
??? Do you not understand how privilege elevation works? You normally need to provide your password to get root. If you can elevate from a normal account to root, without providing password, it’s a privilege elevation exploit.
artyom@piefed.social 3 weeks ago
What does any of this have to do with tricking the user?
WaxRhetorical@lemmy.world 3 weeks ago
… Or some application you use frequently unfortunately uses a now hijacked package for some features, meaning an antagonist is now able to get root on your device without you or anyone else realising.