Y
Hacker News
new
|
ask
|
show
|
jobs
by
KerrAvon
872 days ago
I’m not following your logic. How does the malicious-but-unprivileged user have write access to anywhere in the sysadmin’s PATH?
1 comments
cedws
872 days ago
The 'exploit' runs under the sysadmin's user. It gets there when the sysadmin inadvertently installs something malicious under their own user, or something they're running is exploited for example.
link