|
|
|
|
|
|
by Qualadore
1405 days ago
|
|
|
> then get local root With Qubes you already by default have local root [0], because LPE is usually almost a forgone conclusion if the attacker has a sandbox escape. > A Xen 0day, alone, isn't useful. I don't think there any attackers with the interest and capability to acquire a Xen sandbox escape that wouldn't readily have access to browser 0-days, unless the target is using something like Tor Browser Bundle with JS, SVG, and PDF.js disabled. [0] https://www.qubes-os.org/doc/vm-sudo/ |
|
|