Full Disclosure mailing list archives
Re: Fwd: VSFTPD Remote Heap Overrun (low severity)
From: Ramon de C Valle <rcvalle () redhat com>
Date: Mon, 12 Dec 2011 19:19:20 -0500 (EST)
If you're trying to do it with SELinux policy, that would require opening the locale file before the chroot, then changing the selinux context to something that can't open locale_t and then doing the chroot. Unfortunately, that's fast approaching "cure is worse than the disease", because it means the initial context has to have the ability to change its context (in the standard selinux policy, that's restricted to only 2 or 3 binaries like 'newrole').
Actually, this is has no relation with binaries. Transitions are defined per domain in SELinux policy. For additional information, refer to: http://danwalsh.livejournal.com/23944.html
We're lucky nobody has looked into what should happen on an MLS-enabled system :)
I don't think sensitivity levels would make any difference in this case in the current SELinux MLS policy. -- Ramon de C Valle / Red Hat Security Response Team _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Fwd: VSFTPD Remote Heap Overrun (low severity), (continued)
- Fwd: VSFTPD Remote Heap Overrun (low severity) HI-TECH . (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) lists (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
- Fwd: VSFTPD Remote Heap Overrun (low severity) HI-TECH . (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 13)