On 06/05/2020 12.02, haaber wrote: >> did any of you actually bother to look at the problem? >> because i am 99% sure this doesnt apply to qubes. at all. >> (also you are several days late on this...) >> >> this seems to be the original source and contains a fairly >> good writeup: >> >> https://labs.f-secure.com/advisories/saltstack-authorization-bypass > > Thanks for the source. How do you infer that this "doesn't apply" (and > maybe "did never apply") to qubes? Recall my question: where does salt > appear "under the hood" in qubes? This question seems relevant, since at > least I (almost) never invoke salt by hand. Is that not a reasonable > question? Explain. > No Salt master in Qubes -> no remoting exploit.
-- Rudd-O http://rudd-o.com/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5a58f9ab-de85-c992-6e9b-207cfc524211%40rudd-o.com.