Will Dormann on Nostr: I get that MSRC often flip-flops on what is and what is not a security boundary for ...
I get that MSRC often flip-flops on what is and what is not a security boundary for some things (e.g. admin to kernel).
But when a non-admin user can reproducibly get SYSTEM privileges and MSRC says that "no security boundary is being broken here", it really makes you wonder.
🤔
https://github.com/Wh04m1001/GamingServiceEoP 
Published at
2024-03-12 04:12:30Event JSON
{
"id": "84d56027f35398805c655c485dfac7d8ccacc8305d0280da4c6bad998b2fe693",
"pubkey": "9c7b9756690880e06dd0ac4246c1d27e99c2f9d8beb819e2e3156dc3e2d8d3e6",
"created_at": 1710216750,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/wdormann/statuses/112080764961020253",
"activitypub"
]
],
"content": "I get that MSRC often flip-flops on what is and what is not a security boundary for some things (e.g. admin to kernel).\nBut when a non-admin user can reproducibly get SYSTEM privileges and MSRC says that \"no security boundary is being broken here\", it really makes you wonder.\n🤔\nhttps://github.com/Wh04m1001/GamingServiceEoP\n\nhttps://media.infosec.exchange/infosec.exchange/media_attachments/files/112/080/763/980/580/086/original/b8857c4294e58528.png",
"sig": "1595d70167e64d4f73b271e8cb8348f38b61fd761fa33a63b2a0ebf93e2180c999180f7ebcb5a494d96763318f2f0d2806d7ccead0d768f3930c9cbaf9913530"
}
