Re: Recent Linux vulnerabilities

[Leonardo Eloy <leonardo () morphus com br>]

Rainer Duffner escreveu:

> Michael Richardson wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> >
> >
> > First, many of those reports are 2.6 specific.
> > Many deployed systems are running 2.4, which does not have anywhere near
> > as many issues.
You're right, but some of the issues I related are vulnerable in both 
kernel series.

> >  
>
>
> Indeed. But even 2.4 has had more than enough bugs - though the 
> situation with 2.6 is really disastrous, IMO.

I think both kernel series hasn't considered secure programming as on of 
the issues, when submitting patches. As Alan Cox said "/if you plot 
things like 'buffer overflow' 'structure passed to user space not 
cleaned' 'maths overflow check error' against time you'll see they show 
definite patterns with spikes decaying at different rates towards 
zero./" [http://kerneltrap.org/node/4570], but until we reach that 
point, we must be very careful with systems we deploy.

> I'm glad my main servers run BSD ;-)

Oh god! :P

> Though not all my customers have that "privilege".
>
>
> > Second, "local exploits" mean you need to get a local user.
> > If you assume that, then you can assume a lot of other things too.
That's my question! :)
Have you guys been using more kernel-based method to gain superuser 
level or program-based exploits?

> >  
>
> >
>
> If all your PHP-apps are tight and secure, then yes.
> Unfortunately, this isn't the case. Dare I say phpBB ?
> Or look at other well-known PHP-projects - almost none of them can run 
> in PHP-safemode and some have to tweak multiple php.ini-values to "a 
> little bit less-secure" values.
> In combination, the results can be very bad.
> It's really becoming a nightmare.
>
>
>
> cheers,
> Rainer


--
Leonardo Eloy, LPIC-1, FCSE
Analista de Segurança
Morphus Tecnologia
Fone/Fax: 85 3452.5733/5737
Móvel: 85 8802.6740
e-mail: leonardo () morphus com br
site: http://www.morphus.com.br


As informações existentes nessa mensagem e nos arquivos anexados são para uso restrito, sendo seu sigilo protegido por 
lei. Caso não seja destinatário, saiba que leitura, divulgação ou cópia são proibidas. Favor apagar as informações e 
notificar o remetente. O uso impróprio será tratado conforme as normas da empresa e a legislação em vigor.

The information contained in this message and in the attached files are restricted, and its confidentiality protected by 
law. In case you are not the addressee, be aware that the reading, spreading and copy of this message is unauthorized. 
Please, delete this message and notify the sender. The improper use of this information will be treated according the 
company's internal rules and legal laws.