One possible SELinux trick
Posted Feb 14, 2008 15:06 UTC (Thu) by corbet
In reply to: vmsplice(): the making of a local root exploit
Parent article: vmsplice(): the making of a local root exploit
I just ran across this posting from James Morris on how SELinux (in recent kernels) can block the mapping of memory into very low addresses - a feature which would have defeated this particular exploit.
to post comments)