Alibaba Cloud polkit pkexec local privilege escalation vulnerability
2022-07-02 04:21:00 【Flying dark feather】
1. Introduction
Because of various things, I had not visited my Alibaba Cloud server console for a long time. Recently I wanted to learn about cloud native, and found that I could get more value out of my server. After all, for other beginners a server is a painful expense, but I am a student machine user of Alibaba Cloud. Here is a quick explainer on the student machine: it is a server with high cost performance that Alibaba Cloud offers to students as a preferential policy. While the student status is valid and before the server expires, students can renew at the preferential price. For every renewal, the duration can be chosen freely from 1 to 12 months, and the expiration time of the instance may not exceed the validity period of the student identity. That is, only 96 yuan is needed to use a relatively high-performance server. The discount is cancelled when you are no longer a student, and of course the renewal should not be interrupted halfway. Because I have some experience in using servers, learning cloud native is an advantage for me. To test whether I still had the student machine discount, I logged in to Alibaba Cloud on my phone and found an emergency vulnerability:
Privilege escalation is one of the more dangerous classes of issue in network security, since it goes straight from partial access to the whole system.
2. Solution
We all know that Linux, as an open source operating system, has a huge community, so whenever there is a bug, a group of experts is sure to step up. The solution now popular on the Internet is as follows (if you don't understand it very well, just copy and paste it; it solves the problem):
yum -y install polkit # Upgrade polkit, a program that ships with Linux
chmod 0755 /usr/bin/pkexec # Remove the SUID permission from pkexec
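A local check that the two commands above took effect, as an added example that is not part of the original post: it reports whether the SUID bit is still set on pkexec and, on RPM-based systems, prints the installed polkit package version. The function names `pkexec_suid_state` and `report_pkexec` are assumptions made for this example.

```shell
#!/bin/sh
# Added example: verify the pkexec mitigation locally.
# Function names are hypothetical; the default path is the one used on this page.

# Print "missing", "suid" or "no-suid" for the given file.
pkexec_suid_state() {
    target=$1
    if [ ! -e "$target" ]; then
        echo "missing"
    elif [ -u "$target" ]; then      # -u is true when the set-user-ID bit is set
        echo "suid"
    else
        echo "no-suid"
    fi
}

# Report on the binary; return 1 while the SUID bit is still set, 0 otherwise.
report_pkexec() {
    target=${1:-/usr/bin/pkexec}
    state=$(pkexec_suid_state "$target")
    case $state in
        missing)
            echo "$target: not present"
            return 0 ;;
        suid)
            # An "s" in the owner execute position marks the SUID bit.
            echo "$target: SUID bit still set ($(ls -l "$target" | cut -d' ' -f1))"
            rc=1 ;;
        no-suid)
            echo "$target: SUID bit removed"
            rc=0 ;;
    esac
    # On RPM-based systems, show which polkit package is installed so it can
    # be compared with the distribution's security advisory.
    if command -v rpm >/dev/null 2>&1; then
        rpm -q polkit 2>/dev/null || true
    fi
    return $rc
}

# Run the check only when a path is passed, e.g.: sh check.sh /usr/bin/pkexec
if [ "$#" -gt 0 ]; then
    report_pkexec "$1"
fi
```

A package update can reinstall the binary with its default mode, so run the check again after each `yum` update of polkit.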
3. Aftermath
Although the update was done quickly, Alibaba Cloud kept showing the vulnerability alert. Don't panic at this point: find the vulnerability detection page and re-check the vulnerability, for example in the following two places:
Click to view the vulnerabilities you have fixed and confirm:
Finally, I went back to the Alibaba Cloud mobile app and found that the security score had also gone up, so it can be considered solved. As for the high-risk vulnerabilities that keep being prompted, I treat them as marketing. After all, I'm still a student, and the student machine is mostly used to deploy the projects written in my own group for the convenience of other students, so the real utilization rate is not very high. Usually, if you really want to learn Linux, it is also possible to use virtual machines instead. Finally, as a programmer you have to stay calm when facing bugs or vulnerabilities. Don't be like me, frantically closing security group ports in a hurry as soon as you see a vulnerability, ha ha. The actual content of this article is not much, it's all chatter. I wish you all a pleasant study trip!