Re: Local root exploit with kmod and modutils > 2.1.121

From: kuznet@ms2.inr.ac.ru
Date: Thu Nov 16 2000 - 12:32:19 EST

Next message: Andrea Arcangeli: "Re: Memory management bug"
Previous message: bugzilla@redhat.com: "[RHSA-2000:108-02] Updated modutils fixing local root security bug available"
In reply to: Alan Cox: "Re: Local root exploit with kmod and modutils > 2.1.121"
Next in thread: Alan Cox: "Re: Local root exploit with kmod and modutils > 2.1.121"
Reply: Alan Cox: "Re: Local root exploit with kmod and modutils > 2.1.121"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello!

> Only the caller knows if the data is tainted. Thus only the caller can decide

Sorry? What data? What to decide?

Device name of &|&|&|&|&|& is absolutely legal, nicely loking name.
dev.c _wants_ to load such device and it is problem of kmod,
if it is not able to make this.

It is the first. And the second: each user is allowed to refer to this device.
And it is problem of module to allow to load corresponding module or not
to allow this.

It means that test for CAP_SYS_MODULE is illegal, moving pure policy
issue to improper place.

Alexey
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrea Arcangeli: "Re: Memory management bug"
Previous message: bugzilla@redhat.com: "[RHSA-2000:108-02] Updated modutils fixing local root security bug available"
In reply to: Alan Cox: "Re: Local root exploit with kmod and modutils > 2.1.121"
Next in thread: Alan Cox: "Re: Local root exploit with kmod and modutils > 2.1.121"
Reply: Alan Cox: "Re: Local root exploit with kmod and modutils > 2.1.121"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Nov 23 2000 - 21:00:10 EST