CVE-2015-5602 and SELinux
Miroslav Grepl
mgrepl at redhat.com
Wed Nov 4 12:15:28 UTC 2015
On 11/04/2015 12:42 PM, Lakshmipathi.G wrote:
> Thanks for the blog post. Quick question, this affects only when root
> gives permission to 'usr' to edit
> files owned by him?
That's correct. You can read more details in
https://www.exploit-db.com/exploits/37710/.
>
> We rely heavily on SELinux to confine users (guest_u) on our project
> (www.webminal.org <http://www.webminal.org>)
>
> ----
> Cheers,
> Lakshmipathi.G
> FOSS Programmer.
> www.giis.co.in <http://www.giis.co.in>
>
> On Wed, Nov 4, 2015 at 4:44 PM, Miroslav Grepl <mgrepl at redhat.com
> <mailto:mgrepl at redhat.com>> wrote:
>
> We wrote a blog post explaining how SELinux helps you with this sudo
> CVE.
>
> https://mgrepl.wordpress.com/2015/11/04/cve-2015-5602-and-selinux/
>
> --
> Miroslav Grepl
> Senior Software Engineer, SELinux Solutions
> Red Hat, Inc.
> --
> selinux mailing list
> selinux at lists.fedoraproject.org <mailto:selinux at lists.fedoraproject.org>
> https://admin.fedoraproject.org/mailman/listinfo/selinux
>
>
--
Miroslav Grepl
Senior Software Engineer, SELinux Solutions
Red Hat, Inc.
More information about the selinux
mailing list