On 2020-01-29 13:07, Oriol Demaria wrote: > I understand that root might be required to open privileged ports, but then > how commands are run as root when you exploit opensmtpd vulnerability?
Giles has said further information is coming but it root isn't just required for privileged ports but also other things like creating files owned by various users etc. Looks to me like some extra checks, created an issue. Should be an interesting read.
