Date: Sun, 13 Dec 2015 23:59:52 +0000 From: halfdog <me@...fdog.net> To: oss-security@...ts.openwall.com Subject: Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 halfdog wrote: > Hello List, > > Those three interlinked issues did not find complete > discussion/solution in the past 3 month after reporting to Linux > distributor, but there is silent approval for disclosure (for > 2015-11-30). > > Send me a note, if someone else wants to take a look before that, > otherwise I would post the links 2015-12-14. Here they are. I have got feedback, that at least Suse is not affected by that. As the affected configuration seems to not so common and also impact is not really high - usually no user-controllable services are run as user "man" - this should not be a great deal. It is just something to fix sometime, which should be possible now for more people as information now publicly available.  http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/  http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ hd - -- http://www.halfdog.net/ PGP: 156A AE98 B91F 0114 FE88 2BD8 C459 9386 feed a bee -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlZuBnAACgkQxFmThv7tq+7WkQCfV1pdQBOseacrAXeIAsQ/YriJ LgUAnAyAt3uoTchM8dB6H1s7NKXjMceL =hP2B -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ