On Tue, Apr 01, 2003 at 05:46:46PM +0100, David Ramsden wrote:
> I've made sure no no-ptrace module is loaded and I'm sure the kernel hasn't
> been patched. I can "echo '/sbin/modprobe' > /proc/sys/kernel/modprobe" and
> try the above and I'll get a root prompt first time.
Ok, I have to admit, th
- Original Message -
From: "Christian Hammers" <[EMAIL PROTECTED]>
To: "David Ramsden" <[EMAIL PROTECTED]>
Cc:
Sent: Tuesday, April 01, 2003 4:48 PM
Subject: Re: [d-security] Re: [d-security] Re: [Fwd: Re: LWN: Ptrace
vulnerability in 2.2 and 2.4 kernels]
On Tue, Apr 01, 2003 at 05:46:46PM +0100, David Ramsden wrote:
> I've made sure no no-ptrace module is loaded and I'm sure the kernel hasn't
> been patched. I can "echo '/sbin/modprobe' > /proc/sys/kernel/modprobe" and
> try the above and I'll get a root prompt first time.
Ok, I have to admit, th
On Tue, Apr 01, 2003 at 02:40:44PM +0100, David Ramsden wrote:
> > > echo unexisting_binary > /proc/sys/kernel/modprobe
> > > Can we trust this solution ?
> > NO, it does not prevent the exploit.
> >
> > It does prevent the km3.c example exploit but not e.g.
> > http://isec.pl/cliph/isec-ptrace
- Original Message -
From: "Christian Hammers" <[EMAIL PROTECTED]>
To: "David Ramsden" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, April 01, 2003 4:48 PM
Subject: Re: [d-security] Re: [d-security] Re: [Fwd: Re: LWN: Ptrace
vulnera
On Tue, Apr 01, 2003 at 02:40:44PM +0100, David Ramsden wrote:
> > > echo unexisting_binary > /proc/sys/kernel/modprobe
> > > Can we trust this solution ?
> > NO, it does not prevent the exploit.
> >
> > It does prevent the km3.c example exploit but not e.g.
> > http://isec.pl/cliph/isec-ptrace
6 matches
Mail list logo