Open Source and information security mailing list archives
Date: Wed, 30 Jun 2004 16:42:10 +0200 (CEST)
From: Bencsath Boldizsar <boldi@...l2003.etl.hu>
To: bugtraq@...urityfocus.com
Subject: rsbac 1.2.3 jail security problems



Amon Ott has released a security bugfix for RSBAC 1.2.3. The problem was
discovered in the RSBAC JAIL implementation. Please read the
attached original release note if interested.  The bugfix is available for
download at

 http://www.rsbac.org/download/bugfixes/

For beginners, RSBAC is:
-Free Open Source (GPL) Linux kernel security extension
-Independent of governments and big companies
-Implements several well-known and new security models, e.g. MAC, ACL and RC
-Control over individual user and program network accesses
-Any combination of models possible
-Easily extensible: write your own model for runtime registration
-Support for current kernels
-Stable for production use

----------------------
From ao<at@>rsbac.org Wed Jun 30 16:34:51 2004
Date: Wed, 30 Jun 2004 14:03:29 +0200
From: Amon Ott <ao<at@>rsbac.org>
Reply-To: RSBAC Discussion and Announcements <rsbac@...ac.org>
To: RSBAC Discussion and Announcements <rsbac@...ac.org>
Subject: [rsbac] Bugfix 1.2.3-3 / JAIL

Hi everyone,

here comes another bugfix. Thanks to Brad for providing details.

Because of this and other security relevant bugfixes contained in the
v1.2.3 release, all people using the JAIL module are requested to update ASAP
to RSBAC v1.2.3 with this bugfix applied. Pre-patched kernel updates will
soon follow.

One important note: When upgrading from previous versions to v1.2.3, you
must change your calls to rsbac_jail, because the syntax has changed. I
also recommend restricting the Linux capabilities available to your jailed
services with the new JAIL cap restriction feature.


3. JAIL: suid/sgid files can be created inside jail

    * Urgency: Medium.
    * What you see: Programs can create suid and sgid files with sys_creat,
sys_open and sys_mknod inside jails.
    * What is wrong: In the JAIL module CREATE check, the corresponding
mode values are not checked.
    * Implications: Possible indirect privilege escalation inside the jail.
    * Credits: Thanks to Brad Spengler for reporting this bug.
    * RSBAC versions affected: 1.2.2-1.2.3.
    * What you should do: Apply this patch (MD5 / GnuPG Cert) to get the
bug corrected, recompile the kernel, reinstall and reboot.

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
_______________________________________________
rsbac mailing list
rsbac<at.rsbac.org
http://www.rsbac.org/mailman/listinfo/rsbac


