oss-sec mailing list archives
Re: kernel: fs.suid_dumpable=2 privilege escalation
From: Kees Cook <keescook () chromium org>
Date: Thu, 16 Apr 2015 11:41:12 -0700
On Thu, Apr 16, 2015 at 5:42 AM, Florian Weimer <fweimer () redhat com> wrote:
Should this be treated as a security vulnerability? “fs: make dumpable=2 require fully qualified path” <http://lwn.net/Articles/503682/> Some widely-used cronie versions still do not have hardening and parse commands in core dumps.
I didn't seek a CVE for this at the time since it requires a pretty specific combination of configurations. Namely: setting dumpable=2 without a dump handler, which I couldn't find any distro doing. I have no objection, of course. -Kees -- Kees Cook Chrome OS Security
Current thread:
- kernel: fs.suid_dumpable=2 privilege escalation Florian Weimer (Apr 16)
- Re: kernel: fs.suid_dumpable=2 privilege escalation cve-assign (Apr 16)
- Re: kernel: fs.suid_dumpable=2 privilege escalation Kees Cook (Apr 16)
- Re: kernel: fs.suid_dumpable=2 privilege escalation Florian Weimer (Apr 17)