On 17/05/13 01:03, Douglas Brown wrote: > Hi all, > > You may have seen this vulnerability talked about > recently: http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/ > > After a long time of evangelising about SELinux to my sceptical > colleagues, this seemed like the perfect opportunity to test it. > > We tried the exploit with SELinux in permissive mode and it worked then > in enforcing and SELinux prevented it! Not that I'm surprised, but it's > nice to have a real-world exploit to demonstrate. Unfortunately, whatever you tested was not this. $ ls -la sem* -rwxrwxr-x. 1 trevor trevor 10007 May 14 13:39 semtex -rw-rw-r--. 1 trevor trevor 2488 May 14 13:39 semtex.c $ getenforce Enforcing $ uname -a Linux hostname 2.6.32-358.6.1.el6.x86_64 #1 SMP Tue Apr 23 19:29:00 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux $ ./semtex 2.6.37-3.x x86_64 sd@xxxxxxxxxxxxx 2010 -sh-4.1# Sorry. Trevor -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
