68
submitted 1 month ago by exu@feditown.com to c/linux@lemmy.world
top 3 comments
sorted by: hot top controversial new old
[-] sxan@midwest.social 18 points 1 month ago

Hooo-ly shit, that's a concerning read. I have to go blacklist Deepin; it's in Arch extra/.

The whole article is concerning, but this part was really scary:

The service methods were not only unauthenticated and thus accessible to all users in the system, but the D-Bus configuration file also allowed anybody to own the D-Bus service path on the system bus, which could lead to impersonation of the daemon. Among other issues, the D-Bus service allowed anybody in the system to create arbitrary new UNIX groups, add arbitrary users to arbitrary groups, set arbitrary users’ Samba passwords or overwrite almost any file on the system by invoking mkfs on them as root, leading to data loss and denial-of-service.

[-] GolfNovemberUniform@infosec.pub 15 points 1 month ago

Tbh that's good. Deepin is sketchy to say the least.

[-] gradual@lemmings.world 1 points 2 weeks ago

I would support a public institution that audits free software.

this post was submitted on 08 May 2025
68 points (98.6% liked)

Linux

11073 readers
116 users here now

Welcome to c/linux!

Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!

Rules:

  1. Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.

  2. Be respectful: Treat fellow community members with respect and courtesy.

  3. Quality over quantity: Share informative and thought-provoking content.

  4. No spam or self-promotion: Avoid excessive self-promotion or spamming.

  5. No NSFW adult content

  6. Follow general lemmy guidelines.

founded 2 years ago
MODERATORS