On 17/05/13 01:03, Douglas Brown wrote:
Hi all,
You may have seen this vulnerability talked about recently:
http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/
After a long time of evangelising about SELinux to my sceptical
colleagues, this seemed like the perfect opportunity to test it.
We tried the exploit with SELinux in permissive mode and it worked then
in enforcing and SELinux prevented it! Not that I'm surprised, but it's
nice to have a real-world exploit to demonstrate.
Cheers,
Doug
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
Actually, it is quite irrelevant, if the user is confined, because the
exploit can be modified to disable selinux, giving full access to the
system. Fact is, this exploit is quite nasty in that respect, as you can
pretty much modify anything.
So, in other words, it just makes the attackers life a tiny bit harder,
unless she is a script kiddie.
Regards,
Tristan
--
Tristan Santore BSc MBCS
TS4523-RIPE
Network and Infrastructure Operations
InterNexusConnect
Mobile +44-78-55069812
Tristan.Santore@xxxxxxxxxxxxxxxxxxxxx
Former Thawte Notary
(Please note: Thawte has closed its WoT programme down,
and I am therefore no longer able to accredit trust)
For Fedora related issues, please email me at:
TSantore@xxxxxxxxxxxxxxxxx
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
