Uma iphrojekthi yabelana ngesihloko ku-akhawunti esemthethweni futhi ingaveli kubhulogi yabo, kukhona okwenzekayo. Futhi cha, akubanga ukuthola isifuba, kodwa ukwazisa umphakathi. It okwabiwe nguFedora ukhuluma ngesiphazamisi esibizwa I-PwnKit, futhi ithinta ukusatshalaliswa kweLinux okuningana okusetshenziswa kakhulu. I-Fedora isohlwini, abaningi abayibheka njengesibonelo esihle kakhulu lapho sifuna ukukhuluma nge-distro nge-GNOME, kodwa futhi nezinye ezimbili eziluma kancane.
Ngeke singene kokuthi iyiphi inketho engcono, kodwa UDebian no-Ubuntu nabo baphakathi kwalabo abathintekile kusivumela ukuthi sisho ukuthi iningi labasebenzisi be-Linux bazovezwa ku-PwnKit. Kunokusabalalisa okuningi okusekelwe ku-Debian, nokunye okuningi osekwenza ku-Ubuntu, njenge I-Linux Mint. Uhlu lwalabo okukhulunywe ngabo ngokuqondile luzovalwa yi-CentOS ne-Red Hat, kodwa thina sonke akufanele siyeke ukukhathazeka.
I-PwnKit iveza abasebenzisi abaningi be-Linux
Ukuba sengozini kuhlonzwe ngokuthi I-CVE-2021-4034 (lapha ulwazi oluvela kuCanonical) kanye iyingxenye ye-pkexec ye-Polkit, okuwukulungiselelwa okuzenzakalelayo kokusatshalaliswa okuningi kwe-Linux. Yize isineminyaka engaphezu kweshumi ikhona, ikhishwe izolo, Januwari 25, futhi isiqeshana siyeza maduze kulabo abangakasitholi. Okubi kakhulu yilokho umsebenzisi ononya angakwenza ngenxa ye-PwnKit: thola amalungelo aphezulu omsebenzisi noma impande.
Ubuntu kanye ne-Red Hat sebevele bakhiphe isiqeshana sokulungisa ubungozi ezinguqulweni zakamuva, futhi okunye ukusatshalaliswa okudume kakhulu kufanele kwenze lokho maduze. Uma kucatshangelwa ukuthi ama-patches alolu hlobo yizibuyekezo ezincane, kunjalo futhi kungenzeka ukuthi ukusatshalaliswa kwethu kwe-Linux sekuvele kuyiqeqetshile ngaphandle kwethu ukuqaphela, kodwa into ebalulekile lapha ukukhumbula okuthile okufanele sikucabangele: kufanelekile ukuba nanoma iyiphi isistimu yokusebenza isesikhathini, kanye nokusebenzisa izibuyekezo zokuphepha ngaphezu kwakho konke.