Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://ioc.exchange/users/faebudo/statuses/114314522362957520">faebudo (faebudo@ioc.exchange)'s status on Friday, 11-Apr-2025 01:12:19 JST</a><a href="https://ioc.exchange/@faebudo" title="faebudo@ioc.exchange"><img src="https://gnusocial.jp/avatar/255330-48-20240414114638.webp" width="48" height="48" alt="faebudo" style="position: absolute; left: 0; top: 0;">faebudo</a><div><ul><li><li><a href="https://gnusocial.jp/user/92473" title="fritzadalis@infosec.exchange">Fritz Adalis</a></li><li><a href="https://gnusocial.jp/user/106016" title="jernej__s@infosec.exchange">Jernej Simončič �</a></li><li><a href="https://gnusocial.jp/user/232810" title="wdormann@infosec.exchange">Will Dormann</a></li></ul></div></section><article><p><a href="https://cyberplace.social/@GossiTheDog">@GossiTheDog</a> <a href="https://infosec.exchange/@wdormann">@wdormann</a> <a href="https://infosec.exchange/@FritzAdalis">@FritzAdalis</a> <a href="https://infosec.exchange/@jernej__s">@jernej__s</a> There are now sites that say that you can safely delete the folder after installation of the kb.</p><p>My assumption is that the folder has been created to fix a possible vulnerability where a user can place a folder/file there to exploit a bug in another component and elevate privileges. I would leave it there.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4869453#notice-9546777">In conversation</a><time datetime="2025-04-11T01:12:19+09:00" title="Friday, 11-Apr-2025 01:12:19 JST">about 20 days ago</time> <span>from <span><a href="https://gnusocial.jp/notice/9546777" rel="external" title="Sent from gnusocial.jp via ActivityPub">gnusocial.jp</a></span></span><a href="https://gnusocial.jp/notice/9546777">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4443933">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
faebudo (faebudo@ioc.exchange)'s status on Friday, 11-Apr-2025 01:12:19 JSTfaebudo
@GossiTheDog @wdormann @FritzAdalis @jernej__s There are now sites that say that you can safely delete the folder after installation of the kb.
My assumption is that the folder has been created to fix a possible vulnerability where a user can place a folder/file there to exploit a bug in another component and elevate privileges. I would leave it there.
In conversation20 days ago from gnusocial.jppermalink
Attachments
1. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice