Sorcery 后置链接漏洞

Sorcery is an authentication software package. A backlink vulnerability exists in play-sorcery-kms in Sorcery version 0.6.0. A local attacker can exploit this vulnerability to gain root privileges by attacking /tmp/replay-sorcery or /tmp/replay-sorcery/device.sock via symbolic links...