yup pretty sure
$ cat /etc/passwd
fox:hunter2:1000:1000::/home/fox:/usr/bin/zsh
😉
you don’t need to be root to read /etc/passwd
following a recipe is like executing an algorithm, except there is no segmentation fault. what's not to like.
However, the two Jumpsec Red Team members found that they could go around the restriction by changing the internal and external recipient ID in the POST request of a message, thus fooling the system into treating an external user as an internal one.
so they only do the check on client side. classic.
Love to see the community coming together to improve things!