Hacker News new | ask | show | jobs
by prudhvis 2669 days ago
Does that mean then, that every privilege escalation be arbitrary code execution?
2 comments
SahAssar 2669 days ago
No, since privilege escalation can also mean that you are able to take specific actions that you wouldn't otherwise be able to take. It does not always mean code execution.
link
darawk 2669 days ago
I'd say so, yes, assuming that you can then execute arbitrary code with the elevated privileges.
link
Sohcahtoa82 2669 days ago
I'd say no, because to be able to make a privilege escalation attack useful, you'd have to already have arbitrary code execution.
link
SahAssar 2669 days ago
No, in some cases code execution is not the goal at all. A privesc can mean admin access to a system you didn't previously have access to, it can mean access to logs or a direct tap into network data in some systems. You often don't need arbitrary code exec for that since its features built into the apps or the systems hosting them.
link
darawk 2669 days ago
Not necessarily. You could, for instance, elevate the privileges of a process you can't completely control, which might allow you to read sensitive files or disrupt a system, but not perform arbitrary actions with those privileges.
link
Sohcahtoa82 2669 days ago
I concede that privesc without code execution can be useful, but my original claim that privesc is not necessarily code execution still stands.
link
darawk 2669 days ago
I think we agree then? I said "assuming you can execute arbitrary code with the elevated privileges".
link