Re: kernel module for chmod restrictions while in securelevel on
Hi list
#1 Not same exploit referenced in URL.
#2 Not same bug, although you had the function right, sort of.
#3 That kernel module is useless: The exploit in the wild has already =
changed to bypass such restriction.
#4 The bug is already patched, upgrade your kernel.
#5 If you intend on introducing a kernel module that potentially makes =
your system unstable, make sure it actually fixes the bug. This =
workaround merely made the exploit grow more lethal, and provides a =
FALSE sense of a security, and as such I would *STRONGLY* discourage use =
of this kernel module.
This is a perfect example of why software developers never ever will be =
able to fight blackhat hackers: Ignorance.
Thanks.
On Jul 31, 2010, at 2:59 PM, Istv=E1n wrote:
> http://www.securiteam.com/exploits/6P00C00EKO.html
>=20
> <http://www.securiteam.com/exploits/6P00C00EKO.html>HTH
>=20
> On Sat, Jul 31, 2010 at 1:41 PM, Kostik Belousov =
<kostikbel@gmail.com>wrote:
>=20
>> On Fri, Jul 30, 2010 at 11:18:39PM -0700, Selphie Keller wrote:
>>> Kernel module for chmod restrictions while in securelevel one or =
higher:
>>> http://gist.github.com/501800 (fbsd 8.x)
>>>=20
>>> Was looking at the new recent sendfile/mbuf exploit and it was using =
a
>>> shellcode that calls chmod syscall to make a setuid/setgid binary.
>> However
>> Can you point to the exploit (code) ?
>>=20
>=20
>=20
>=20
> --=20
> the sun shines for all
>=20
> http://l1xl1x.blogspot.com
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to =
"freebsd-security-unsubscribe@freebsd.org"
>=20
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 5 之 8 篇):