Dailydave mailing list archives
Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns
From: Steve Grubb <sgrubb () redhat com>
Date: Tue, 15 May 2007 08:42:59 -0400
On Monday 14 May 2007 15:18, Rodrigo Rubira Branco (BSDaemon) wrote:
Again our discussion (good discussion, tks for your position!) about auto-learning ;)
Let me give you a concrete example. If you have your passwords set to expire and normally let people into the machine by sshd and you have pam linked in, you will need sshd to be able to write to /etc/shadow. I would presume that auto-learning systems would go ahead and grant that access. The better solution is to create a minimalistic helper program that has just that capability and can only be run by the parent. It can be confined to just making the update and the parent which is network facing only able to exec that program. Auto learning systems cannot make architectural desicions like that. -Steve _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Steve Grubb (May 14)
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Brad Spengler (May 14)
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Steve Grubb (May 14)
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Brad Spengler (May 14)
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Steve Grubb (May 14)
- <Possible follow-ups>
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Rodrigo Rubira Branco (BSDaemon) (May 14)
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Steve Grubb (May 15)
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns assault (May 14)
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Rodrigo Rubira Branco (BSDaemon) (May 15)
- Re: On exploiting null ptr derefs, disabling SELinux, and silently fixed Linux vulns Brad Spengler (May 14)