[rsbac] Urgent Security Bugfix 1.2.3-14
Andrea Pasquinucci
cesare at ucci.it
Wed Feb 23 19:51:01 CET 2005
Do I understand correctly that there is no bug for v1.2.3 on a 2.6 kernel?
Otherwise, which patch should I use? Thanks
Andrea
On Wed, Feb 23, 2005 at 04:23:09PM +0100, Amon Ott wrote:
* RSBAC Security Bugfix v1.2.3-14 for 2.4 kernels has been released!
* Urgency is high - please apply ASAP, if you run v1.2.3 on a 2.4
* kernel!
*
* 14. General/Kernels 2.4.x: Missing RSBAC interception for sys_sysctl
*
* * Urgency: High.
* * What you see: Processes with sufficient Linux rights can change
* sysctl settings through sys_sysctl, although not allowed by RSBAC
* control.
* * What is wrong: The syscall sys_sysctl is not intercepted, but
* the proc interface at /proc/sys/ is intercepted correctly.
* * Implications: Encapsulated daemons running as root or with
* additional Linux capabilities can change important system settings.
* E.g. kernel.modprobe controls which binary is run by the kernel with
* root rights when trying to access a nonexistent device.
* * Credits: Thanks to Brad Sprengler for hinting at sys_sysctl.
* * RSBAC versions affected: All versions up to 1.2.4.
* * What you should do: Apply this patch (MD5 / GnuPG Cert) to get
* the bug corrected, recompile the kernel, reinstall and reboot.
*
* Amon.
* --
* http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
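
The sys_sysctl syscall and /proc/sys/ expose the same kernel variables, so a change made through either one is visible when the value is read back from /proc/sys/. The check below is an added example, not part of the original post or of RSBAC: it compares current values against a recorded baseline, and the baseline file format, the function name `sysctl_drift` and the `PROC_SYS_ROOT` override are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report sysctl settings that differ from a recorded baseline.
# Baseline format (assumed for this example): one "key = value" per line,
# as printed by `sysctl kernel.modprobe`; lines starting with '#' are comments.
# Keys whose components contain dots themselves are not handled.
# Usage after sourcing this file: sysctl_drift /path/to/baseline

# Root of the sysctl tree; overridable so the check can run on a test tree.
PROC_SYS_ROOT="${PROC_SYS_ROOT:-/proc/sys}"

# sysctl_drift BASELINE_FILE
# Prints one "DRIFT ..." or "MISSING ..." line per mismatch.
# Returns 0 if every key matches, 1 if any key drifted or is unreadable.
sysctl_drift() {
    baseline="$1"
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in ''|'#'*) continue ;; esac
        key=$(printf '%s\n' "$line" | sed 's/[[:space:]]*=.*$//')
        want=$(printf '%s\n' "$line" | sed 's/^[^=]*=[[:space:]]*//')
        # kernel.modprobe -> $PROC_SYS_ROOT/kernel/modprobe
        path="$PROC_SYS_ROOT/$(printf '%s' "$key" | tr '.' '/')"
        if [ ! -r "$path" ]; then
            echo "MISSING $key"
            rc=1
            continue
        fi
        have=$(cat "$path")
        if [ "$have" != "$want" ]; then
            echo "DRIFT $key: expected '$want', found '$have'"
            rc=1
        fi
    done < "$baseline"
    return $rc
}
```

Record the baseline from a known-good state and keep it where the monitored daemons cannot write to it.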