[rsbac] udev exploit
Javier J. Martínez Cabezón
tazok.id0 at gmail.com
Mon Apr 27 21:05:17 CEST 2009
And filtering LD variables with rsbac¿? :-)
2009/4/27 Jens Kasten <igraltist en rsbac.org>:
> hi list,
>
> last time the udev exploit was published.
> So of course i was looking for, what is the use of rsbac and pax for
> such exploits.
> i follow the this link:
>
> http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2009-04/msg00204.html
>
> then i call /tmp/udev ``and given value``
> i get:
> Mon Apr 27 19:43:37 2009 :<6>0000000164|rsbac_adf_request(): request
> CHANGE_OWNER, pid 8796, ppid 8556, prog_name suid, prog_file /tmp/suid,
> uid 1000, target_type PROCESS, tid 8796, attr owner, value 0, result
> NOT_GRANTED by AUTH
>
> Conclusion:
> Auth Module is easy to use with strong protection, should everywhere as
> default. :D
>
> grüsse
> jens
>
>
>
> _______________________________________________
> rsbac mailing list
> rsbac en rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac
More information about the rsbac
mailing list