lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Oct 2009 12:00:27 +0100 From: Pavel Machek <pavel@....cz> To: Anton Ivanov <anton.ivanov@...-begemot.co.uk> Cc: Dan Yefimov <dan@...htwave.net.ru>, Matthew Bergin <matt.bergin@...mail.com>, bugtraq@...urityfocus.com Subject: Re: /proc filesystem allows bypassing directory permissions on Linux Hi! > > > Not that I would have expected anything different considering who posted > > > it in the first place. > > > > > Thus Debian kernel team should be blamed for that misbehaviour. Don't worry, > > hardlinks behave just the same way, as you describe. Use authentic Linux > > kernels, if you dislike that. > > Just tested it on my colo where the provider is using some homebrew > derived from the upstream Linux kernel. In any case Pavel was most > likely using Suse and I asked someone to give it a go on one of all > Ubuntu varieties. So even if it is not present upstream it is in a patch > which more than one distro has adopted (f.e. ptrace fixes). Pavel was using pretty much vanilla kernel. (That is, patches in drivers but nothing more significant. Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Powered by blists - more mailing lists