Date: Thu, 6 Jan 2011 12:54:22 -0500
From: Michael Gilbert <michael.s.gilbert@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-NONE kernel: PHONET signedness issue

On Thu, 06 Jan 2011 13:20:49 +0800, Eugene Teo wrote:
> re: http://seclists.org/fulldisclosure/2011/Jan/39
> 
> Just in case someone tries to request a CVE name for this, I'm not 
> requesting for one because if you need CAP_SYS_ADMIN capability to 
> exploit this, you are already privileged.

Right, but CAP_SYS_ADMIN != root, or at least it isn't meant to be. I
mean if CAP_SYS_ADMIN == root, then one or the other doesn't need to
exist. There is an exposure here, and for that it deserves a CVE
identifier (of course in my opinion).  See Brad Spengler's recent
write-up [0]. There should be some effort toward making those 21
root-equivalent capabilities discussed there non-equivalent.

Best wishes,
Mike

[0] http://forums.grsecurity.net/viewtopic.php?f=7&t=2522
