lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <38520.1323740443@turing-police.cc.vt.edu>
Date: Mon, 12 Dec 2011 20:40:43 -0500
From: Valdis.Kletnieks@...edu
To: Ramon de C Valle <rcvalle@...hat.com>
Cc: isowarez isowarez isowarez <isowarez.isowarez.isowarez@...glemail.com>,
	dwalsh@...hat.com, full-disclosure@...ts.grok.org.uk
Subject: Re: Fwd: VSFTPD Remote Heap Overrun (low severity)

On Mon, 12 Dec 2011 19:19:20 EST, Ramon de C Valle said:

> Actually, this is has no relation with binaries. Transitions are defined per domain in SELinux policy. For additional information, refer to:
> http://danwalsh.livejournal.com/23944.html

Exactly the point - that's how most transitions are done.

However, if you want to start off in an SELinux context that can read locale_t,
open the file, chroot, and then change to another context that can't reade
locale_t, then you're going to need to use setcon() in the process rather than
just letting execcon based transitions letting it happen.  And at that point,
you just bought a hole bunch more headache, because now you need to do setcon()
*securely* rather than just get transitioned into an ftpd_t just by getting
exec'ed.

> > We're lucky nobody has looked into what should happen on an
> > MLS-enabled system :)
> I don't think sensitivity levels would make any difference in this case in the current SELinux MLS policy.

No, but if user A and user B are in different sensitivity levels, it's even
more loads of fun to make sure that the ftpd can get to the proper sensitivity
level for each user via setcon() without botching it.


Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ