aru Posted March 19, 2003 Report Share Posted March 19, 2003 This looks serious; check alan cox's mail Ptrace hole / Linux 2.2.25 Affects kernels 2.2.x to 2.4.x Vulnerability: CAN-2003-0127 The Linux 2.2 and Linux 2.4 kernels have a flaw in ptrace. This hole allows local users to obtain full privileges. Remote exploitation of this hole is not possible. Linux 2.5 is not believed to be vulnerable. Linux 2.2.25 has been released to correct Linux 2.2. It contains no other changes. The bug fixes that would have been in 2.2.5pre1 will now appear in 2.2.26pre1. The patch will apply directly to most older 2.2 releases. A patch for Linux 2.4.20/Linux 2.4.21pre is attached. The patch also subtly changes the PR_SET_DUMPABLE prctl. We believe this is neccessary and that it will not affect any software. The functionality change is specific to unusual debugging situations. We would like to thank Andrzej Szombierski who found the problem, and wrote an initial patch. Seth Arnold cleaned up the 2.2 change. Arjan van de Ven and Ben LaHaise identified additional problems with the original fix. Alan The mentioned patch is in the original post. I'm sure mandrake will soon release its own patched kernels. Quote Link to comment Share on other sites More sharing options...
bvc Posted March 22, 2003 Report Share Posted March 22, 2003 I wonder if this is what happened to me twice when after opening a terminal, and running mcc, I'd have to enter the root password which is great but 10 minutes later as bvc I'd do the same thing and would not be asked for a password :roll: so I'd be in mcc making changes as bvc. Thanks for the post! :wink: Quote Link to comment Share on other sites More sharing options...
Guest ndeb Posted March 24, 2003 Report Share Posted March 24, 2003 I wonder if this is what happened to me twice when after opening a terminal, and running mcc, I'd have to enter the root password which is great but 10 minutes later as bvc I'd do the same thing and would not be asked for a password so I'd be in mcc making changes as bvc.This has Nothing to do with the kernel. Its intended and is a feature of sudo. Quote Link to comment Share on other sites More sharing options...
Guest ndeb Posted March 24, 2003 Report Share Posted March 24, 2003 Perhaps, from now on, we all should use the secure version kernel-secure, which seems to be taking care of the issues fixed in http://grsecurity.net/news.php , unless there is a serious disadvantage to using the kernel-secure. Is there any reason why kernel-secure should not be used in preference to kernel ? Quote Link to comment Share on other sites More sharing options...
bvc Posted March 24, 2003 Report Share Posted March 24, 2003 This has Nothing to do with the kernel. Its intended and is a feature of sudo.I don't see that in this thread or link?....were did you get this info? All I've ever heard about kernel-secure is that it's much more difficult do to almost anything. You spend more time screwing with permissions than anything else. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.