| |||||||||||||
|
| |||||||||||||
No protection from SELinux/-CAP_SYS_RAWIO/grsecurity/whateverNo protection from SELinux/-CAP_SYS_RAWIO/grsecurity/whateverPosted Dec 1, 2003 21:34 UTC (Mon) by walters (subscriber, #7396)Parent article: A Debian kernel security update Note that not even a security framework like SELinux or RSBAC will protect you against this exploit; nor will exec-shield or PaX. Everyone should upgrade ASAP. I have a feeling we're going to be dealing with the repercussions of this for some time.
(Log in to post comments)
No protection from SELinux/-CAP_SYS_RAWIO/grsecurity/whatever Posted Dec 1, 2003 21:48 UTC (Mon) by ncm (subscriber, #165) [Link] I don't think a chroot jail would have helped, either. (Not that regular user accounts are commonly jailed.)I wonder if this intrusion was done specifically to vent frustration that this bug/fix was not taken as sufficient to justify an immediate 2.4 release on its own merits, or that Debian didn't pick it up ahead of the 2.4.23 release. If so, it might have been a Debian developer acting, and not somebody who had hijacked his account. That would be a Good Thing, because otherwise some Debian developer's personal account somewhere is still compromised.
No protection from SELinux/-CAP_SYS_RAWIO/grsecurity/whatever Posted Dec 2, 2003 2:45 UTC (Tue) by hmh (subscriber, #3838) [Link] I won't even comment on the morals implied in your reply.Anyway yes, the account of one DD WAS compromised, and yes, he knows, Actually, most of us took the opportunity to do a major security spring
|
|
||||||||||||