this post was submitted on 30 Apr 2026
319 points (98.2% liked)

Selfhosted

60723 readers
295 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] ipp0@sopuli.xyz 1 points 2 months ago (1 children)

Do you have a source for how often it happens or is this conjecture? I guess this would most often happen through supply chain attacks or physical access, the first not being all that common in my understanding and the latter not being a typical threat model for a home computer. But if you have a source explaining what actually happens, I would love to read it.

[–] possiblylinux127@lemmy.zip 1 points 2 months ago* (last edited 2 months ago) (1 children)

There are plenty of way to get a local unprivileged shell

For instance, if you are running a old version of cups someone could chain together several vulnerabilities to gain root on your system

https://www.bleepingcomputer.com/news/security/cups-flaws-enable-linux-remote-code-execution-but-theres-a-catch/

Having a MAC like SELinux helps to mitigate this but you still should patch as soon as possible

[–] ipp0@sopuli.xyz 1 points 2 months ago

These are from 2024 (which means your box likely has none of these in 2026), and “the attacker has to trick a user into printing from a malicious printer server on their local network that suddenly appears on their machine” which is quite unlikely for a regular home pc. The attacker would require access to your network which would likely mean they’re inside your house so you have other problems besides privilege escalation.