Full Disclosure mailing list archives

Re: Fwd: VSFTPD Remote Heap Overrun (low severity)


From: Ramon de C Valle <rcvalle () redhat com>
Date: Mon, 12 Dec 2011 19:19:20 -0500 (EST)


> If you're trying to do it with SELinux policy, that would require opening the
> locale file before the chroot, then changing the selinux context to something
> that can't open locale_t and then doing the chroot.  Unfortunately, that's fast
> approaching "cure is worse than the disease", because it means the initial
> context has to have the ability to change its context (in the standard selinux
> policy, that's restricted to only 2 or 3 binaries like 'newrole').
Actually, this has no relation with binaries. Transitions are defined per domain in SELinux policy. For additional information, refer to:
http://danwalsh.livejournal.com/23944.html


> We're lucky nobody has looked into what should happen on an MLS-enabled system :)
I don't think sensitivity levels would make any difference in this case in the current SELinux MLS policy.


-- 
Ramon de C Valle / Red Hat Security Response Team

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/