Re: Advisory 04/2004: Net(Free)BSD Systrace local root vulnerability

[spender () grsecurity net]

Just to clarify, this advisory does not involve either of the two 
vulnerabilities that I discovered over a year ago now that still remain 
unpatched.  The one bug is a local root on Linux, NetBSD, FreeBSD, 
OpenBSD, and Mac OS X, and any other OS systrace is ported to in the 
future.  The other bug is a complete bypass of systrace's "security" on 
Linux.

Maybe keep looking Stefan ;)
If you can find them, I'll release my fulling working MENU-BASED 
exploit.  Actually, I was quite upset at first that someone had killed 
my bug but then I read the advisory closer and realized it was a 
different local root, imagine that ;)  It amazes me that Niels has known 
a local root vulnerability has existed in his code for over a year and 
yet he hasn't even bothered to audit his own code, but instead continues 
to promote it.

http://monkey.org/openbsd/archive/misc/0304/msg01400.html
"I am looking forward to his local root exploit for systrace."
Sorry Niels, no such luck today :(
It was close!

-Brad

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html