I looked at the exploit code above, it relies on the pulseaudio binary to be set SUID (run as root when executed). The "exploit" is to run pulseaudio and pass it an executable module, the module, obviously, will run as root as well.
If pulseaudio is not set SUID, the "exploit" code terminates with an error message... hilarious.
This seems to me a bunch of "security" experts trying to call attention to themselves.
Slashdot Mirror
I looked at the exploit code above, it relies on the pulseaudio binary to be set SUID (run as root when executed). The "exploit" is to run pulseaudio and pass it an executable module, the module, obviously, will run as root as well.
If pulseaudio is not set SUID, the "exploit" code terminates with an error message... hilarious.
This seems to me a bunch of "security" experts trying to call attention to themselves.
X Window