[rsbac] udev exploit
Jens Kasten
igraltist at rsbac.org
Mon Apr 27 19:55:20 CEST 2009
hi list,
last time the udev exploit was published.
So of course i was looking for, what is the use of rsbac and pax for
such exploits.
i follow the this link:
http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2009-04/msg00204.html
then i call /tmp/udev ``and given value``
i get:
Mon Apr 27 19:43:37 2009 :<6>0000000164|rsbac_adf_request(): request
CHANGE_OWNER, pid 8796, ppid 8556, prog_name suid, prog_file /tmp/suid,
uid 1000, target_type PROCESS, tid 8796, attr owner, value 0, result
NOT_GRANTED by AUTH
Conclusion:
Auth Module is easy to use with strong protection, should everywhere as
default. :D
grüsse
jens
More information about the rsbac
mailing list