this post was submitted on 30 Apr 2026
48 points (96.2% liked)

Linux

5338 readers
1 users here now

Shit, just linux.

Use this community for anything related to linux for now, if it gets too huge maybe there will be some sort of meme/gaming/shitpost spinoff. Currently though… go nuts

founded 3 years ago
MODERATORS
top 12 comments
sorted by: hot top controversial new old
[–] atzanteol@sh.itjust.works 25 points 2 months ago (3 children)

Copy Fail requires only an unprivileged local user account — no network access, no kernel debugging features, no pre-installed primitives

Which is a fairly high hurdle for an attacker in most instances. Unless you're running something like a shared university server.

Definitely patch your systems though.

[–] Aganim@lemmy.world 15 points 2 months ago* (last edited 2 months ago) (1 children)

Which is a fairly high hurdle for an attacker in most instances.

With software projects training people that curl <link to their install script> | bash is totally fine and the insane amount of supply chain attacks lately it's a critical bug that's just begging to be exploited on single user systems.

So yes, patch your systems and definitely do not downplay this.

[–] atzanteol@sh.itjust.works 6 points 2 months ago (2 children)

With software projects training people that curl | bash is totally fine and the insane amount of supply chain attacks lately it’s a critical bug that’s just begging to be exploited on single user systems.

I wish the worst case of gout on people who do this. I can't believe it's become such an accepted way of installing software.

[–] moopet@sh.itjust.works 8 points 2 months ago (1 children)

I have a vague memory of some project that did this ages ago where you could see the script on their web page but when you ran the command it executed a different script (there was a single-character difference in the URL) and the result was it told you not to be so dumb as to run scripts like that.

[–] ironeagl@sh.itjust.works 2 points 2 months ago

It was idontplaydarts.com (search it up on Internet Archive). It could detect if you were downloading it directly, or piping it to bash, abd change the script it was delivering accordingly.

[–] HaraldvonBlauzahn@feddit.org 1 points 1 month ago

It is still the recommended way to install Rust.... M)

But what is bonkers is that pip install can run arbitrary code. The python packaging system is likely to be the next target of such attackers.

[–] gressen@lemmy.zip 6 points 2 months ago (1 children)

Think of the millions of systems running containers.

[–] atzanteol@sh.itjust.works 1 points 2 months ago

What about them?

[–] corsicanguppy@lemmy.ca 1 points 2 months ago

It also needs the sandboxing. So disable that and get back to work.

[–] wabasso@lemmy.ca 5 points 2 months ago (1 children)

I found the website you linked to be easy to digest. Impressed with their work, from the perspective of someone who uses Linux but doesn’t know too much about this stuff (other than patch good). I like how they gave credit to both the human and AI.

[–] lengau@midwest.social 4 points 2 months ago

I wish they'd bothered with a coordinated vulnerability disclosure...

https://infosec.exchange/@wdormann/116489443704631952

[–] palordrolap@fedia.io 1 points 2 months ago

The patch rolled out to LMDE yesterday (kernel v6.12.85), so I assume the number of affected systems has to be well on the wane by now.

(In that Debian is often well behind the cutting edge and Mint/LMDE is often a step or two behind that. Things are quicker than usual when there's a showstopper kernel bug, but the lag factor is still there.)