"Windows has been thoroughly vetted"
Oh really ?
You don't say. By who ?
Maybe you get some of those guys to thoroughly vet your updates as well ?
Silly me, I need some more frog pills . . .
Microsoft is flagging up a security hole in its Service Fabric technology when using containerized Linux workloads, and urged customers to upgrade their clusters to the most recent release. The flaw is tracked as CVE-2022-30137, an elevation-of-privilege vulnerability in Microsoft's Service Fabric. An attacker would need read/ …
>>>"By design," said Microsoft, "root access on the machine hosting the SF note is not considered a security boundary in an SF cluster; the highest privileged role on a node is equally privileged anywhere in the same cluster."<<<
By design root access is not a security boundary ! - MS harking back to DOS then...
My thought exactly. It's a Linux issue because Windows doesn't allow you to do much so you can't exploit this Microsoft bug from Windows...
- Embrace : Check, Linux on Azure
- Extend : not an issue in a Cloud, it's more like "Empower" there (still an "E" so in-spec)
- Extinguish : Let's artificially create security bugs on our platform that are only exploitable from the competition's guest, then claim it's the guest's fault.
"Such that you can delegate rights granularly and SUDO doesn't need root privileges."
Can you elaborate on that ? because that's someting *Nix has been doing for a few decades now, and that MS just figured they might try to emulate, like, last year or so. And they spectacularly failed.
This post has been deleted by its author