summaryrefslogtreecommitdiffstats
path: root/wiki/src/contribute/design/incremental_upgrades.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'wiki/src/contribute/design/incremental_upgrades.mdwn')
-rw-r--r--wiki/src/contribute/design/incremental_upgrades.mdwn6
1 files changed, 3 insertions, 3 deletions
diff --git a/wiki/src/contribute/design/incremental_upgrades.mdwn b/wiki/src/contribute/design/incremental_upgrades.mdwn
index faaf241..e1e7ee2 100644
--- a/wiki/src/contribute/design/incremental_upgrades.mdwn
+++ b/wiki/src/contribute/design/incremental_upgrades.mdwn
@@ -717,9 +717,9 @@ user, who itself:
passwordless sudo, as the `tails-iuk-get-target-file` user.
The `tails-install-iuk` user is allowed to run, using passwordless
-sudo, every command required by its task (currently: `chmod`, `cp`,
-`dd`, `mkdir`, `mktemp`, `mount`, `rm`, `tar` and
-`/lib/live/mount/medium/utils/linux/syslinux`) with any arguments.
+sudo, every command required by its task with any arguments.
+This includes e.g. `cp` so for all practical security purposes,
+it can effectively escalate to arbitrary code execution as root.
It is a member of the `tails-iuk-get-target-file` group, which allows it to
read the files downloaded by the `tails-iuk-get-target-file` program.