[Info-vax] Logical Name - remove with deassign and executive mode
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Thu Oct 21 13:55:08 EDT 2021
On 2021-10-21, HCorte <hmmbcorte at gmail.com> wrote:
>
> Note: tried in eisner.decus.org and even with executive mode could remove with sucess using deassign, so assuming that the environment that made the test must have some extra validation in deassign but just a guess.
>
Assuming you are not privileged on Eisner, it wasn't created as an
executive mode logical, but it was silently converted to a supervisor
mode logical.
Personally, I think you should get a not sufficiently privileged error
message in that case and not a silent conversion to supervisor mode.
If you could create an executive mode logical that you control as
a non-privileged user, then congratulations, you would have earned
yourself a CVE number. :-)
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
More information about the Info-vax
mailing list