Re: [PATCH][RFC] 2.5.44 (1/2): Filesystem capabilities kernel patch

From: Chris Evans (chris@scary.beasts.org)
Date: Tue Oct 29 2002 - 06:18:22 EST


Hi,

Quoting Olaf Dietsche
<olaf.dietsche#list.linux-kernel@t-online.de>:

> I just downloaded glibc 2.3.1 and would say you can subvert a
> privileged executable with LD_PRELOAD. There's no mention of
> PR_GET_DUMPABLE anywhere and __libc_enable_secure is set according to
> some euid/egid tests.

In theory you should be able to just replace the
__libc_enable_secure check with

__libc_enable_secure = !prctl(PR_GET_DUMPABLE);

i.e. let the kernel handle the logic of whether a
process is running privileged. If we duplicate it
between kernel and libc, we'll get security bugs.

Cheers
Chris
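
The two checks discussed in this message, side by side, as an added example that is not code from the thread or from glibc. The function names are hypothetical, and treating every value other than 1 (including a prctl() failure) as "secure" is a fail-closed choice of this example, whereas the one-liner above uses a plain `!`.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/prctl.h>
#include <unistd.h>

/* Userspace heuristic from the quoted text: real vs. effective ids differ. */
static int secure_by_ids(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Kernel-derived variant from the reply: ask the kernel for the dumpable
 * flag and treat "not plainly dumpable" as privileged.
 * Assumption of this example: fail closed, so an error (-1) or any value
 * other than 1 is reported as secure mode. */
static int secure_by_dumpable(void)
{
    int d = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
    return d != 1;
}

/* Set the flag (0 or 1) on this process and return what
 * secure_by_dumpable() reports afterwards; -1 if the set failed.
 * Shows that the flag can be cleared without any id change, so the
 * dumpable-based check covers more cases than the id comparison. */
static int secure_after_set(int dumpable)
{
    if (prctl(PR_SET_DUMPABLE, dumpable, 0, 0, 0) != 0)
        return -1;
    return secure_by_dumpable();
}

int main(void)
{
    printf("ids check:       %d\n", secure_by_ids());
    printf("dumpable check:  %d\n", secure_by_dumpable());
    printf("after clearing:  %d (ids check still %d)\n",
           secure_after_set(0), secure_by_ids());
    printf("after restoring: %d\n", secure_after_set(1));
    return 0;
}
```
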
