Re: OpenBSD 2.9,2.8 local root compromise

From: Peter van Dijk (peterat_private)
Date: Sat Jun 16 2001 - 03:00:54 PDT


    On Fri, Jun 15, 2001 at 11:27:23AM -0400, Tony Lambiris wrote:
    > AFAIK it's been fixed in -current, and it _will_ be in errata shortly..
    > in the meantime, there is a hotfix for the code itself, read the mailing
    > lists.. OR
    > 
    > in /etc/fstab, make /tmp nosuid and noexec, then mount -u /tmp (you did
    > make tmp a separate partition.. didn't you?)
    
    There are about 1000 other places on a machine people can stick the
    file to be executed. The actual problem is not tmp-related, the
    provided exploit just happens to use /tmp.
    
    Making /tmp nosuid and noexec will only stop the kiddos that are too
    stupid to change the exploit to work on such machines.
    
    Greetz, Peter
    -- 
    Against Free Sex!   http://www.dataloss.nl/Megahard_en.html
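
The reply's point, that mount options on /tmp cover only one of many writable locations, can be checked from the administrator's side. This is an added example, not part of the original thread; the fstab contents and the list of writable directories are constructed, and the function names are hypothetical.

```python
import posixpath

# Constructed sample in fstab(5) layout: device, mount point, type, options, dump, pass.
SAMPLE_FSTAB = """\
/dev/wd0a /      ffs  rw                      1 1
/dev/wd0b none   swap sw                      0 0
/dev/wd0d /tmp   ffs  rw,nosuid,noexec,nodev  1 2
/dev/wd0e /var   ffs  rw,nodev                1 2
/dev/wd0f /home  ffs  rw,nodev,nosuid         1 2
"""

# Assumed user-writable locations; on a real host, enumerate them with find(1).
WRITABLE_DIRS = ["/tmp", "/var/tmp", "/home/alice", "/var/spool/lock"]


def parse_fstab(text):
    """Return {mount_point: set(options)} for every non-swap entry."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 4 or fields[2] == "swap":
            continue
        mounts[posixpath.normpath(fields[1])] = set(fields[3].split(","))
    return mounts


def covering_mount(path, mounts):
    """Longest mount point that is a path-component prefix of `path`."""
    path = posixpath.normpath(path)
    best = None
    for mp in mounts:
        prefix = mp if mp.endswith("/") else mp + "/"
        if (path == mp or path.startswith(prefix)) and (best is None or len(mp) > len(best)):
            best = mp
    return best


def audit(fstab_text, dirs):
    """For each writable dir: (dir, covering mount, hardening options it lacks)."""
    mounts = parse_fstab(fstab_text)
    report = []
    for d in dirs:
        mp = covering_mount(d, mounts)
        missing = sorted({"noexec", "nosuid"} - mounts.get(mp, set()))
        report.append((d, mp, missing))
    return report


if __name__ == "__main__":
    for d, mp, missing in audit(SAMPLE_FSTAB, WRITABLE_DIRS):
        print(f"{d:18} on {mp:6} missing: {', '.join(missing) or 'none'}")
```

In this sample only /tmp comes back clean, while /var/tmp, /var/spool/lock and /home/alice sit on filesystems that still allow execution, which is why the mount options are a stopgap and the code fix is the actual remedy.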
    



    This archive was generated by hypermail 2b30 : Sat Jun 16 2001 - 11:46:59 PDT