Security-Enhanced Fedora Core 2
Posted Jan 15, 2004 14:45 UTC (Thu) by ballombe
Parent article: Security-Enhanced Fedora Core 2
> Even if an attacker is successful in obtaining superuser privileges (as
> was the case in the recently compromised Debian machines), the attacker
> will not be able to modify the critical parts of the system - there is
> no such thing as "chmod 777" on a SELinux system.
It has been shown that the Debian compromise was due to the kernel brk
exploit that was not blocked by the use of SE Linux or other kernel
This exploit lead not to super-user priviledge but to kernel-level
priviledge, as does the new mremap() exploit. This allows to bypass
SE Linux entirely.
The LWN had made high-quality articles on this the story so I am suprised
to see here a statement that seems to imply SE Linux would have prevented
the Debian compromise.
to post comments)