Remote root hole in Samba
Posted Apr 15, 2012 17:23 UTC (Sun) by cmccabe (guest, #60281)
I think what may be confusing you is the fact that there have been a lot of privilege escalations in Linux over the years (although not in OpenBSD, which is what we were talking about-- remember?). However, most of those privilege escalations didn't involve insecure system calls. In fact there's only one that I can think of which did (maybe others can think of more).
Posted Apr 15, 2012 20:58 UTC (Sun) by Cyberax (✭ supporter ✭, #52523)
I'm absolutely sure that Linux right now has multiple exploitable local vulnerabilities.
> However, most of those privilege escalations didn't involve insecure system calls. In fact there's only one that I can think of which did (maybe others can think of more).
It's like clockwork! At least one local exploit a year.
Posted Apr 15, 2012 23:48 UTC (Sun) by spender (subscriber, #23067)
Posted Apr 19, 2012 20:46 UTC (Thu) by cmccabe (guest, #60281)
> Programs in OpenBSD chroot have access to all the syscalls.
> Probably at least several of them are vulnerable.
Now we've digressed into looking at a bunch of Linux (NOT OpenBSD) security flaws. How does this help you prove that OpenBSD is insecure?
Secondly, privilege separation, BSD jails, SELinux, ASLR, etc. are still useful technologies even if they don't block 100% of exploits. I think most system administrators would consider being vulnerable to one exploit per year a VERY good record, for any of the major three platforms.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.