Title
#general
s

seph

12/15/2020, 1:29 AM
Hi Folks! We’ve just published a security advisory about osquery. An osquery administrator with access to osquery’s distributed read/write interface or configuration file can read/write/modify arbitrary sqlite databases on disk. This has been patched in github, and will be included in the impending 4.6.0 release. Advisory at https://github.com/osquery/osquery/security/advisories/GHSA-4g56-2482-x7q8 If you have any questions, feel free to reach out here or via DM.
j

jgamblin

12/15/2020, 9:20 PM
This falls into that annoying an "Admin can do Admin Stuff" category but thanks for the quick fix.