If you have heard of the copy.fail Linux vulnerability, you may have chosen to try exploiting it. That's a not unreasonable thing to try, especially if you work in the field.
Dead simple, wasn’t it? Now go ahead and replace that /usr/bin/su binary. It has been permanently changed to not ask for a password when escalating to root. This is admittedly obvious if you study the exploit carefully or have gone through a decent walk-through.
But we’re sometimes in a hurry … or working in the evening when we’d rather be doing something else.
So remember to re-install util-linux (Ubuntu, Debian, and probably others).
And yes, I was that dumb!
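A quick way to confirm whether su on a test box still matches what the package shipped, before and after the re-install. This is an added example, not part of the original post; the function names and the DPKG_INFO and ROOT overrides are assumptions made so it can be tried on constructed data. `dpkg --verify util-linux` does the same check for the whole package.

```shell
#!/bin/sh
# Added example: check a packaged file against the MD5 that dpkg recorded for it.
# DPKG_INFO and ROOT are overridable (an assumption of this sketch) so the
# functions can be exercised on constructed data instead of the live system.
DPKG_INFO="${DPKG_INFO:-/var/lib/dpkg/info}"
ROOT="${ROOT:-}"

# recorded_md5 PKG PATH: print the hash dpkg stored for PATH, if any.
# Lines in <pkg>.md5sums read "<md5>  usr/bin/su" (no leading slash); older
# releases list "bin/su", so both spellings are tried.
recorded_md5() {
    rel="${2#/}"
    awk -v a="$rel" -v b="${rel#usr/}" '$2 == a || $2 == b { print $1; exit }' \
        "$DPKG_INFO/$1.md5sums" 2>/dev/null
}

# verify_pkg_file PKG PATH: 0 = matches, 1 = differs or missing, 2 = no recorded hash.
verify_pkg_file() {
    want=$(recorded_md5 "$1" "$2") || want=""
    [ -n "$want" ] || return 2
    have=$(md5sum "$ROOT$2" 2>/dev/null | cut -d' ' -f1)
    [ "$have" = "$want" ]
}

check_su() {
    rc=0
    verify_pkg_file util-linux /usr/bin/su || rc=$?
    case $rc in
        0) echo "/usr/bin/su matches the util-linux package" ;;
        1) echo "/usr/bin/su differs: sudo apt-get install --reinstall util-linux" ;;
        *) echo "no recorded hash; find the owning package with: dpkg -S /usr/bin/su" ;;
    esac
    return "$rc"
}

# Run against the live system only when asked: sh check-su.sh --check
if [ "${1:-}" = "--check" ]; then check_su; fi
```

The recorded hashes live on the same disk as the binary, so this catches leftovers from your own testing, not changes made by someone who could also edit the dpkg database.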
Now the remaining question is: what have we broken by disabling this ALGIF_AEAD module?