I just saw this advisory

  Escape sequence injection in util-linux wall (CVE-2024-28085)
  https://seclists.org/fulldisclosure/2024/Mar/35

where they're talking about grabbing other users' sudo password.

Apparently the root of the security issue is that wall is a setguid program?

Even more fun is the instructions

  To make sure the PoC will work, make sure your victim user can
  actually receive messages. First check that mesg is set to y
  (`mesg y`). If a user does not have mesg turned on, they are not
  exploitable.

WTF?? I've never heard of a mesg, but

  $ which mesg
  /usr/bin/mesg

So. There is a program called 'mesg', hrmmm..

  man mesg
  ...
  Traditionally, write access is allowed by default. However, as
  users become more conscious of various security risks, there is a
  trend to remove write access by default, at least for the primary
  login shell. To make sure your ttys are set the way you want them
  to be set, mesg should be executed in your login scripts.

oof.

Are there instructions somewhere on how to make Debian secure by default?

Thanks,
Lee
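
Added example, not part of the original post, the advisory or util-linux: a shell audit of the two conditions the post mentions, wall carrying the set-group-ID bit and a terminal having mesg set to y (mesg toggles the group-write bit on the tty device). The function names are hypothetical, GNU stat is assumed, and the script does not check whether the installed util-linux is already patched.

```shell
#!/bin/sh
# Added example: report whether wall is setgid and which ttys accept messages.

# has_bits MODE MASK: true if octal MODE (as printed by `stat -c %a`)
# has any bit of octal MASK set.
has_bits() {
    [ $(( 0$1 & 0$2 )) -ne 0 ]
}

# mesg_state MODE: "y" if the tty's group-write bit (020) is set, which is
# the bit mesg(1) toggles; otherwise "n".
mesg_state() {
    if has_bits "$1" 020; then echo y; else echo n; fi
}

# setgid_state MODE: "setgid" if the set-group-ID bit (2000) is set.
setgid_state() {
    if has_bits "$1" 2000; then echo setgid; else echo plain; fi
}

# preconditions WALL_MODE TTY_MODE: "both-present" only when wall is setgid
# AND the terminal accepts messages; patch level is not examined.
preconditions() {
    if [ "$(setgid_state "$1")" = setgid ] && [ "$(mesg_state "$2")" = y ]; then
        echo both-present
    else
        echo not-both
    fi
}

# audit_host: apply the checks to this machine's wall binary and to every
# terminal device under /dev/pts.
audit_host() {
    wall_path=$(command -v wall) || { echo "wall: not installed"; return 0; }
    wall_mode=$(stat -L -c %a "$wall_path")
    echo "$wall_path mode=$wall_mode $(setgid_state "$wall_mode")"
    for t in /dev/pts/[0-9]*; do
        [ -c "$t" ] || continue
        m=$(stat -c %a "$t")
        echo "$t owner=$(stat -c %U "$t") mesg=$(mesg_state "$m") $(preconditions "$wall_mode" "$m")"
    done
}

# Only touch the real system when run from an interactive terminal.
if [ -t 0 ]; then audit_host; fi
```

A tty reported with mesg=y can be switched off for that session with `mesg n`, which the man page quoted above suggests placing in login scripts.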