From: Eugene Teo <eteo@redhat.com>
To: 7eggert@gmx.de
Cc: Marcel Holtmann <marcel@holtmann.org>,
Linus Torvalds <torvalds@osdl.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@osdl.org>
Subject: Re: Require mmap handler for a.out executables
Date: Fri, 28 Jul 2006 01:59:28 +0800
Message-ID: <44C8FF00.80106@redhat.com>
In-Reply-To: <E1G69zn-0001Wb-66@be1.lrz>
Bodo Eggert wrote:
> Marcel Holtmann <marcel@holtmann.org> wrote:
>
>> With the nasty /proc privilege escalation (CVE-2006-3626) it became
>> clear that we need to do something more to better protect us against
>> people exploiting stuff in /proc. Besides the don't-allow-chmod stuff,
>> Eugene also proposed to make a.out execution depend on the existence of
>> the mmap handler. Since we are doing the same for ELF, this makes
>> total sense to me.
>
> Can shell scripts or binfmt_misc be exploited, too? Even if not, I'd
> additionally force noexec, nosuid on proc and sysfs mounts.

Right. That's why we do not allow chmod() on /proc/*/*/* files.
http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6d76fa58b050044994fe25f8753b8023f2b36737

Eugene
--
eteo redhat.com ph: +65 6490 4142 http://www.kernel.org/~eugeneteo
gpg fingerprint: 47B9 90F6 AE4A 9C51 37E0 D6E1 EA84 C6A2 58DF 8823
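The two kernel-side checks the thread is discussing (a binary loader refusing a file whose f_op has no ->mmap, and proc refusing chmod() on /proc/<pid>/* files) both have a user-visible signature that can be probed from user space without reading kernel source: mmap(2) on a file without an mmap handler fails with ENODEV, and chmod(2) on a /proc file fails with EPERM even for its owner once the commit linked above is in. The program below is an added example written for this page; it is not code from the thread, from the a.out patch, or from the kernel. It assumes Linux, a writable /tmp, and uses /proc/self/environ as its default probe target because that file has no mmap handler; the temp-file contents are constructed sample data.

```c
/* Added example (not from the thread or the kernel): user-space probe for
 * the two mitigations discussed above.
 *  1. mmap handler present?  mmap(2) on a file whose f_op lacks ->mmap
 *     fails with ENODEV; that is the condition binfmt_elf rejects and the
 *     proposal extends to binfmt_aout.
 *  2. chmod refused on /proc?  proc_setattr returns EPERM for mode changes
 *     after the commit linked in the reply above.
 * Build: cc -std=c99 -Wall probe.c -o probe ; run: ./probe [path]
 */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

enum mmap_status { MMAP_OK = 0, MMAP_NO_HANDLER = 1, MMAP_OTHER_ERROR = 2 };

/* Try a one-page private read-only mapping of an already-open fd.
 * ENODEV is the kernel telling us there is no ->mmap for this file. */
enum mmap_status probe_mmap_handler(int fd)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, page, PROT_READ, MAP_PRIVATE, fd, 0);
    if (p != MAP_FAILED) {
        munmap(p, page);
        return MMAP_OK;
    }
    return errno == ENODEV ? MMAP_NO_HANDLER : MMAP_OTHER_ERROR;
}

/* Returns 1 if chmod was refused with EPERM, 0 if the kernel allowed the
 * change (the original mode is restored), -1 on any other error.
 * Toggling S_IXUSR is harmless and is reverted immediately. */
int probe_chmod_refused(const char *path)
{
    struct stat st;
    if (stat(path, &st) != 0)
        return -1;
    mode_t mode = st.st_mode & 07777;
    if (chmod(path, mode ^ S_IXUSR) != 0)
        return errno == EPERM ? 1 : -1;
    chmod(path, mode);
    return 0;
}

/* Create a regular file (constructed sample content) to serve as the
 * "normal" baseline: it has an mmap handler and its owner may chmod it.
 * Returns an open fd and fills in path; caller closes and unlinks. */
int make_regular_file(char *path, size_t pathlen)
{
    snprintf(path, pathlen, "/tmp/aout-probe-XXXXXX");
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    const char msg[] = "constructed sample content\n";
    if (write(fd, msg, sizeof msg) != (ssize_t)sizeof msg) {
        close(fd);
        unlink(path);
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    /* Assumed default target: /proc/self/environ has no ->mmap. */
    const char *path = argc > 1 ? argv[1] : "/proc/self/environ";
    int fd = open(path, O_RDONLY);
    if (fd < 0) {
        perror(path);
        return 1;
    }
    enum mmap_status ms = probe_mmap_handler(fd);
    printf("%s: mmap handler %s\n", path,
           ms == MMAP_OK ? "present"
           : ms == MMAP_NO_HANDLER ? "absent (ENODEV): an mmap-requiring loader refuses it"
           : "unknown (mmap failed for another reason)");
    int cr = probe_chmod_refused(path);
    printf("%s: chmod %s\n", path,
           cr == 1 ? "refused (EPERM)" : cr == 0 ? "allowed" : "could not be tested");
    close(fd);
    return 0;
}
```

Run it against /proc/self/environ on a kernel with the commit applied and both probes should report refusal; run it against a file on a normal filesystem and both should succeed. A file that passes probe 1 but fails probe 2 is exactly the case the thread wants to close off: not mappable by the loader, but also never chmod-able into a setuid executable.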
Thread overview: 9+ messages
[not found] <6COYh-8f0-41@gated-at.bofh.it>
2006-07-27 17:49 ` Require mmap handler for a.out executables Bodo Eggert
2006-07-27 17:59 ` Eugene Teo [this message]
2006-07-27 18:25 ` Alan Cox
2006-07-27 21:18 ` Bodo Eggert
2006-07-26 10:31 Marcel Holtmann
2006-07-27 15:07 ` Christoph Hellwig
2006-07-27 15:18 ` Linus Torvalds
2006-07-27 15:44 ` Marcel Holtmann
2006-07-27 17:21 ` Eugene Teo