Date: Sun, 13 Dec 2015 23:59:52 +0000
From: halfdog <me@...fdog.net>
To: oss-security@...ts.openwall.com
Subject: Re: User man Local Root Exploit/Linux Kernel setgid Directory Privilege Escalation/PAM Owner Check Weakness


halfdog wrote:
> Hello List,
> 
> Those three interlinked issues did not find complete 
> discussion/solution in the past 3 months after reporting to Linux 
> distributors, but there is silent approval for disclosure (for 
> 2015-11-30).
> 
> Send me a note if someone else wants to take a look before that; 
> otherwise I would post the links on 2015-12-14.

Here they are. I have got feedback that at least Suse is not affected
by that. As the affected configuration seems not to be so common and the
impact is not really high - usually no user-controllable services are
run as user "man" - this should not be a great deal. It is just
something to fix sometime, which should be possible now for more
people as the information is now publicly available.

[1]
http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/

[2]
http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/

hd

-- 
http://www.halfdog.net/
PGP: 156A AE98 B91F 0114 FE88  2BD8 C459 9386 feed a bee
