Proof is in the pudding
Tristan Santore
tristan.santore at internexusconnect.net
Fri May 17 00:29:56 UTC 2013
On 17/05/13 01:03, Douglas Brown wrote:
> Hi all,
>
> You may have seen this vulnerability talked about recently:
> http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/
>
> After a long time of evangelising about SELinux to my sceptical
> colleagues, this seemed like the perfect opportunity to test it.
>
> We tried the exploit with SELinux in permissive mode and it worked then
> in enforcing and SELinux prevented it! Not that I'm surprised, but it's
> nice to have a real-world exploit to demonstrate.
>
> Cheers,
> Doug
>
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
Actually, it is quite irrelevant, if the user is confined, because the
exploit can be modified to disable selinux, giving full access to the
system. Fact is, this exploit is quite nasty in that respect, as you can
pretty much modify anything.
So, in other words, it just makes the attackers life a tiny bit harder,
unless she is a script kiddie.
Regards,
Tristan
--
Tristan Santore BSc MBCS
TS4523-RIPE
Network and Infrastructure Operations
InterNexusConnect
Mobile +44-78-55069812
Tristan.Santore at internexusconnect.net
Former Thawte Notary
(Please note: Thawte has closed its WoT programme down,
and I am therefore no longer able to accredit trust)
For Fedora related issues, please email me at:
TSantore at fedoraproject.org
More information about the selinux
mailing list