[00:44:55] <jeblad>	 WTF: https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html
[00:50:49] <AntiComposite>	 Uh, yeah.
[00:52:03] <AntiComposite>	 That's a very "Really? Did nobody try this before?" kind of bug
[00:52:25] <bd808>	 Its a weird edge case. Exploits seem limited unless you are running a server that has a sudoer rule like "<user> = (ALL, !root) <cmd>"
[00:52:30] <jeblad>	 It is an amazingly stupid bug
[00:54:49] <jeblad>	 Oh, bd808, thanks for the reviews!
[00:55:01] <bd808>	 its a weird behavior for setresuid()/setreuid(): "If one of the arguments equals -1, the corresponding value is not changed." -- https://linux.die.net/man/2/setresuid
[00:55:18] <bd808>	 jeblad: sure! Thanks for using mediawiki-vagrant :)
[00:56:05] <jeblad>	 I like vagrant, but it is slow on building new instances
[00:56:30] <jeblad>	 My hw is a bit sluggish… ;)
[00:56:56] <bd808>	 the initial clone of mediawiki/core.git is slow pretty much no matter what
[00:59:15] <jeblad>	 One of my bottlenecks are tests. Unit testing Lua is awfully slow.