On 17/05/13 10:29 AM, "Tristan Santore" <tristan.santore@xxxxxxxxxxxxxxxxxxxxx> wrote: >On 17/05/13 01:03, Douglas Brown wrote: >> Hi all, >> >> You may have seen this vulnerability talked about recently: >> >>http://arstechnica.com/security/2013/05/critical-linux-vulnerability-impe >>rils-users-even-after-silent-fix/ >> >> After a long time of evangelising about SELinux to my sceptical >> colleagues, this seemed like the perfect opportunity to test it. >> >> We tried the exploit with SELinux in permissive mode and it worked then >> in enforcing and SELinux prevented it! Not that I'm surprised, but it's >> nice to have a real-world exploit to demonstrate. >> >> Cheers, >> Doug >Actually, it is quite irrelevant, if the user is confined, because the >exploit can be modified to disable selinux, giving full access to the >system. Fact is, this exploit is quite nasty in that respect, as you can >pretty much modify anything. >So, in other words, it just makes the attackers life a tiny bit harder, >unless she is a script kiddie. If you think this is the case, please demonstrate. Cheers, Doug -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
