| |||||||||||||
Remote root hole in SambaRemote root hole in SambaPosted Apr 11, 2012 23:42 UTC (Wed) by cmccabe (guest, #60281)In reply to: Remote root hole in Samba by Cyberax Parent article: Remote root hole in Samba
If you have proof that any of the system calls in OpenBSD (or Linux, for that matter) are vulnerable, then you should post it. If not, I'm afraid this is starting to sound like FUD.
(Log in to post comments)
Remote root hole in Samba Posted Apr 12, 2012 0:03 UTC (Thu) by Cyberax (✭ supporter ✭, #52523) [Link]
I'm absolutely sure that at least some of them are buggy. I can bet you $1000 that there'll be new local Linux kernel exploits within 2 years.
Remote root hole in Samba Posted Apr 15, 2012 17:23 UTC (Sun) by cmccabe (guest, #60281) [Link]
First of all, we were talking about OpenBSD, not Linux. Secondly, if you're so sure that "some of them are buggy", you should find out which ones. I'm sure that the reward will be a lot greater than $1000.
I think what may be confusing you is the fact that there have been a lot of privilege escalations in Linux over the years (although not in OpenBSD, which is what we were talking about-- remember?). However, most of those privilege escalations didn't involve insecure system calls. In fact there's only one that I can think of which did (maybe others can think of more).
Remote root hole in Samba Posted Apr 15, 2012 20:58 UTC (Sun) by Cyberax (✭ supporter ✭, #52523) [Link]
>First of all, we were talking about OpenBSD, not Linux. Secondly, if you're so sure that "some of them are buggy", you should find out which ones. I'm sure that the reward will be a lot greater than $1000.
I'm absolutely sure that Linux right now has multiple exploitable local vulnerabilities.
>However, most of those privilege escalations didn't involve insecure system calls. In fact there's only one that I can think of which did (maybe others can think of more).
Whut?
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0029
It's like a clockwork! At least one local exploit a year.
Remote root hole in Samba Posted Apr 15, 2012 23:48 UTC (Sun) by spender (subscriber, #23067) [Link]
Don't forget perf_counter() ;)
Remote root hole in Samba Posted Apr 19, 2012 20:46 UTC (Thu) by cmccabe (guest, #60281) [Link]
Let's look at the orignial post that started this thread.
> Programs in OpenBSD chroot have access to all the syscalls.
Now we've digressed into looking at a bunch of Linux (NOT OpenBSD) security flaws. How does this help you prove that OpenBSD is insecure?
Secondly, privilege separation, BSD jails, SELinux, ASLR, etc are still useful technologies even if they don't block 100% of exploits. I think most system administrators would consider being vulnerable to one exploit per year a VERY good record, for any of the major three platforms.
|
|||||||||||||