Current devel kernel - possible security hole
Robin Green
greenrd at greenrd.org
Mon Aug 8 17:04:19 UTC 2005
On Fri, 05 Aug 2005 11:35:45 +0100, Paul wrote:
> I have a small mono application which uses threading. Somehow, I managed
> to run the application and kill the desktop, but was then able to
> access, as a standard user, and both read and write to anywhere on my
> hard drive.
>
> I can reproduce the problem with the same application, but not with same
> code using C or C++.
How weird!
Some questions:
- Did you have to log in again or was this on an existing shell or nautilus?
- Did you use ps to check the real/effective uids of the process(es) that are
accessing forbidden files?
I would post this to bugzilla to make sure it doesn't get lost.
--
Robin
More information about the devel
mailing list