Full Disclosure mailing list archives

Re: Fwd: VSFTPD Remote Heap Overrun (low severity)

From: Valdis.Kletnieks () vt edu
Date: Mon, 12 Dec 2011 14:08:07 -0500

On Mon, 12 Dec 2011 13:31:21 EST, Ramon de C Valle said:

This is a good question. Actually, we shouldn't allow ftpd_t read the locale files from within user_home_t 
directories.


To fill in the SELinux details for the people following along at home:

The problem is that at open() time, there's no good way to specify what the
expected label is (now *that* might be an interesting extention to open() for
some enterprisng grad student) - so as long as the file has *any* foo_t label
that the program is allowed to access, the open() will succeed.  There's no way
for it to say "I'm opening what *should* be a locale_t file, so if I'm being
coerced into opening a user_foo_t, please nuke the request".

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Fwd: VSFTPD Remote Heap Overrun (low severity), (continued)
- - - Message not available
    - Fwd: VSFTPD Remote Heap Overrun (low severity) HI-TECH . (Dec 09)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) GloW - XD (Dec 09)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) GloW - XD (Dec 09)
- Re: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
  - Fwd: VSFTPD Remote Heap Overrun (low severity) HI-TECH . (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) lists (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
    - Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 13)