Re: Serious attack vector on pkcheck ignored by Red Hat

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Once upon a time, Valeri Galtsev <galtsev@xxxxxxxxxxxxxxxxx> said:
> Indeed, perl and often python are installed on most of servers I run. Not
> considering myself security expert, I would like to ask: could you point
> to some elevation of privileges exploit written in perl or python? All
> I've seen were c/c++, but again I'm just a humble sysadmin.

That wasn't the point; the point was that users can only run system
binaries so they can only do what is "permitted".  I don't know about
python, but perl can make arbitrary kernel system calls (even if they
aren't actually supported by perl), so having perl installed allows
users to do anything a compiled program can do.  Trying to control what
users can do by mounting "noexec" is not particularly limiting, at least
to somebody determined.

So it may be harder/more cumbersome/etc., but I believe that you could
write exploits in perl or python; it just isn't commonly done in
examples because of the extra work (it's also probably harder to read).

-- 
Chris Adams <linux@xxxxxxxxxxx>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux