[rsbac] Fwd: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Amon Ott
ao at rsbac.org
Tue Dec 2 14:15:58 CET 2003
Hi!
Just found a workaround for the 2.4 sys_brk bug. It seems sufficient to limit
the address space to max. 2GB, e.g. using RSBAC RES module:
As secoff etc:
- start rsbac_user_menu
- Choose RES default user
- Select RES max resources
- Set AS resource e.g. to 2000000000 (2 with 9 zeroes = 2GB)
Best solution is of course the patch.
Amon.
---------- Forwarded Message ----------
Subject: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?
Date: Tuesday, 2 December 2003 12:52
From: Christian Horchert <chorchert at veedev.de>
To: debian-security at lists.debian.org
Cc: peace bwitchu <peacebwitchu at yahoo.com>
On 02.12.2003 at 02:52, peace bwitchu wrote:
> Will 2.4.20 Source be patched for the latest kernel
> local root vulnerability?
On SuSE-Security Roman Drahtmüller has posted a workaround
which may help as long as there is no patch (haven't tried
this one on my own).
###########################################################
An easy workaround against the brk() issue: Set the address
space limit to another value than nothing, even a very high
value.
Add the line
ulimit -v 2147483647
as the second line of /etc/init.d/rc and /etc/profile,
execute the command itself in your shell and then restart
all daemons that allow logins (xdm, sshd, inetd/xinetd, ...).
Alternatively, simply reboot after adding the lines.
(Courtesy of Solar Designer)
Thanks for summarizing.
Roman
###########################################################
-------------------------------------------------------
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
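
A check that the ulimit workaround quoted above is actually in place, as an added example that is not part of the original messages. The function names are hypothetical; the only assumptions are the two file paths and the "second line" placement given in the forwarded text.

```shell
#!/bin/sh
# Added example (not from the original thread): audit the "ulimit -v" workaround.

# Print the numeric limit if line 2 of file $1 is exactly "ulimit -v <number>".
# Prints nothing for a missing file, a later line, or "ulimit -v unlimited".
second_line_limit() {
    sed -n '2p' "$1" 2>/dev/null |
        sed -n 's/^[[:space:]]*ulimit[[:space:]]\{1,\}-v[[:space:]]\{1,\}\([0-9]\{1,\}\)[[:space:]]*$/\1/p'
}

# Succeeds if file $1 sets a finite address-space limit on its second line.
file_has_workaround() {
    [ -n "$(second_line_limit "$1")" ]
}

# Succeeds if the shell running this script already has a finite limit,
# i.e. it was started from an environment where the line took effect.
shell_has_limit() {
    [ "$(ulimit -v)" != "unlimited" ]
}

# Report every file given as argument; return non-zero if any lacks the line.
audit() {
    rc=0
    for f in "$@"; do
        if file_has_workaround "$f"; then
            echo "OK       $f: ulimit -v $(second_line_limit "$f")"
        else
            echo "MISSING  $f: no 'ulimit -v <number>' on line 2"
            rc=1
        fi
    done
    if shell_has_limit; then
        echo "OK       current shell: ulimit -v $(ulimit -v)"
    else
        echo "NOTE     current shell: address space is unlimited"
    fi
    return $rc
}

# Usage: sh audit.sh /etc/init.d/rc /etc/profile
if [ $# -gt 0 ]; then
    audit "$@"
fi
```

Daemons started before the files were edited keep their old limit until they are restarted, so a passing file check does not cover already-running login services.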