lug-bg: Local root exploit v linux kernelite <2.2.15 i <=2.4.20
- Subject: lug-bg: Local root exploit v linux kernelite <2.2.15 i <=2.4.20
- From: vasil@email.domain.hidden ( )
- Date: 19 Mar 2003 01:42:41 +0200
Tova go vidqh predi malko, i mislq, che e hubavo da se postne i tuk -
ima otkrit local root exploit prez ptrace() v linux kernela. Za poveche
podrobnosti mozhete da vidite
http://www.uwsg.indiana.edu/hypermail/linux/kernel/0303.2/0226.html ili
http://marc.theaimsgroup.com/?l=linux-kernel&m=104791735604202&w=2
Kakto si pishe tam, 2.2.15 e fixnatiq kernel za 2.2 seriite, a za 2.4
mozhete da si svalite patch-a ot
http://www.hardrock.org/kernel/2.4.20/linux-2.4.20-ptrace.patch
ili da se hvanete i da si portnete na alan patch-a do sobstvenoto kernel
tree, shtoto toj ne e sprqmo 2.4.20,a sprqmo neshto negovo si(kato
preskochim momenta, che se opitva da patchne arch/um/neshtosi
(UserModeLinux), ima i edin reject iz schedulerite nqkude ...)
p.s. Predpolagam, che problema e podoben na onzi ptrace() exploit predi
izvestno vreme, kojto iziskvashe da imash nqkakvo setuid binary (kakvoto
i da e), taka che _PREDPOLAGAM_ ,che kojto ne iska da restartira, mozhe
prosto da ne ostavq nishto setuid po sistemata si...ama ne vi
preporuchvam da mi vqrvate (za tova poslednoto) , a da se patchnete :)
<p>
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
<hr>
<ul>
<li>application/pgp-signature attachment: This is a digitally signed message part
</ul>
|