Re: New module: tpe

From: Valdis.Kletnieksat_private
Date: Wed May 14 2003 - 10:40:14 PDT


    On Wed, 14 May 2003 11:28:49 MDT, Niki Rahimi <narahimiat_private>  said:
    +The purpose of the Trusted Path Execution Linux Security Module is to enable a
    +check in the Linux kernel to limit the running of executables in trusted paths
    +so that the potential for malicious code to be run on the system is reduced.
    +A trusted path is one in which the parent directory of a file is owned by root
    +and is neither group nor other writeable. 
    
    The problem with this check is that you can still have a problem if (for
    instance)  /usr/bin is mode 755 owned root/system, but /usr is mode 775.
    This allows a privilege escalation under some circumstances - the proper
    check is "entire chain of directories from / to here".
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
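
The difference between the parent-only rule in the quoted description and the whole-chain check asked for in the reply, as an added example that is not part of the original message or of the TPE module. The names `tpe_check`, `stat_fn` and `fake_stat` are hypothetical, and the directory metadata is constructed to match the reply's layout (/usr mode 775, /usr/bin mode 755, both owned by root).

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

typedef int (*stat_fn)(const char *, struct stat *);   /* lstat() or a stub */
/* Trusted directory: owned by root, not writable by group or other. */
static int dir_trusted(const struct stat *st)
{
    return S_ISDIR(st->st_mode) && st->st_uid == 0 &&
           !(st->st_mode & (S_IWGRP | S_IWOTH));
}

/* Walk absolute `path` from "/" to its parent. chain=0 judges only the parent,
 * chain=1 stops at the first untrusted ancestor. Returns 1, 0 (see `bad`) or -1. */
int tpe_check(const char *path, int chain, stat_fn sf, char *bad, size_t badlen)
{
    char dir[4096];
    struct stat st;
    int ok = -1;
    if (path[0] != '/' || strlen(path) >= sizeof dir)
        return -1;
    for (const char *p = path; (p = strchr(p, '/')) != NULL; p++) {
        size_t n = (p == path) ? 1 : (size_t)(p - path);
        memcpy(dir, path, n);
        dir[n] = '\0';
        if (sf(dir, &st) != 0)
            return -1;
        if (!(ok = dir_trusted(&st)) && chain)
            break;
    }
    if (ok == 0)
        snprintf(bad, badlen, "%s", dir);
    return ok;
}

/* Constructed metadata for the reply's layout; st_uid 0 is root. */
static int fake_stat(const char *p, struct stat *st)
{
    memset(st, 0, sizeof *st);
    st->st_mode = strcmp(p, "/usr") ? 0040755 : 0040775;  /* directory + mode */
    return (!strcmp(p, "/") || !strcmp(p, "/usr") || !strcmp(p, "/usr/bin")) ? 0 : -1;
}

int main(void)
{
    char bad[4096] = "";
    printf("parent only: %d\n", tpe_check("/usr/bin/ls", 0, fake_stat, bad, sizeof bad));
    printf("whole chain: %d\n", tpe_check("/usr/bin/ls", 1, fake_stat, bad, sizeof bad));
    return 0;
}
```

Passing `lstat` instead of the stub runs the same walk against the live filesystem. Because `lstat` does not follow symbolic links, a symlinked path component is reported as untrusted, so canonicalize the path with `realpath()` first if links are expected.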



    This archive was generated by hypermail 2b30 : Wed May 14 2003 - 11:19:44 PDT