Kernel.org's road to recovery

Posted Oct 9, 2011 14:47 UTC (Sun) by vonbrand (guest, #4458)
In reply to: Kernel.org's road to recovery by malor
Parent article: Kernel.org's road to recovery

If Linux development is so completely broken, I do wonder why you even bother...



Kernel.org's road to recovery

Posted Oct 10, 2011 0:22 UTC (Mon) by malor (guest, #2973)

Because of habit, mostly. I am definitely coming to realize that the Linux development process does not produce trustworthy code, and further that the devs aren't really interested in security. They deride it as theater and want it to go away, while the security features in their kernel become less and less useful over time. At this point, getting user shell access on a Linux box is damn near equivalent to getting root.

Which means, of course, you get hacks like this one, and then a butchering of functionality because shell access can't be safely shared on a Linux machine.

There's going to be more compromises. Lots more.

Kernel.org's road to recovery

Posted Oct 10, 2011 0:39 UTC (Mon) by vonbrand (guest, #4458)

Any examples handy? They would make a great point... and they must be aplenty, if we are to believe your allegations.

Kernel.org's road to recovery

Posted Oct 10, 2011 1:19 UTC (Mon) by malor (guest, #2973)

Wow, you walked into that one.

https://lwn.net/Articles/460559/

Kernel.org's road to recovery

Posted Oct 10, 2011 2:28 UTC (Mon) by vonbrand (guest, #4458)

Sorry I wasn't clear. You claimed currently having shell access is equivalent to root. I'd like to see the boatload of handy examples you've got to back this up. They would make a great point for your assertion that Linux' development is broken, and give hackers a great incentive to fix vulnerabilities and tighten up their coding.

Kernel.org's road to recovery

Posted Oct 10, 2011 22:41 UTC (Mon) by malor (guest, #2973)

Try the security alert from five days ago:

From Red Hat errata:

* Flaws in the AGPGART driver implementation when handling certain IOCTL commands could allow a local user to cause a denial of service or escalate their privileges. (CVE-2011-1745, CVE-2011-2022, Important)

* An integer overflow flaw in agp_allocate_memory() could allow a local user to cause a denial of service or escalate their privileges (CVE-2011-1746, Important)

Bunch of other stuff too, but there's two likely local root exploits from October 5. Took me about ten minutes to spot, and that's only because I had to look through some lesser CVEs LWN posted about twenty minutes ago.

It would have proved the point even more thoroughly to have gotten a local root exploit today, but five days ago, I think, is adequate.

Kernel.org's road to recovery

Posted Oct 11, 2011 0:09 UTC (Tue) by vonbrand (guest, #4458)

And? How do you know whoever patched the bug knew the CVEs beforehand? This is a RHEL kernel, i.e., a stable kernel (+ patches), so this came probably via the stable patch stream.

Kernel.org's road to recovery

Posted Oct 11, 2011 0:24 UTC (Tue) by malor (guest, #2973)

Ok, I'm done talking to you. You just keep moving the goalposts around, anything to not be wrong.

Kernel.org's road to recovery

Posted Oct 10, 2011 22:47 UTC (Mon) by malor (guest, #2973)

Oh, and I didn't mention the remote root exploit from today's post, because that looks hard to exploit, involving an attempt to mount a CIFS share from a hostile server. But it is remote root, and using CIFS to share files across security boundaries is hardly unheard of.

