Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 29 Sep 2016 08:27:47 -0400
From: christos@...las.com (Christos Zoulas)
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2016-7545 -- SELinux sandbox escape

On Sep 29, 12:32pm, jwilk@...lk.net (Jakub Wilk) wrote:
-- Subject: Re: [oss-security] CVE-2016-7545 -- SELinux sandbox escape

| * Christos Zoulas <christos@...las.com>, 2016-09-26, 13:53:
| >On the BSDs TIOCSTI has been limited to the superuser since the 4.4BSD Lite 2 
| >release in 1995 (IIRC).
| 
| Hmm. I've just tried OpenBSD 5.7 and FreeBSD 10.3, and TIOCSTI works fine for 
| non-root users.

I am wrong, sorry. It still works on BSD for the owner of the tty controlling
process group. I guess it is time to fix it everywhere.

christos

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ