Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
On Fri, 17 Aug 2007, Glynn Clements wrote:
> There definitely appears to be potential for DoS against system-wide
> resources.
Only the potential. In most cases that potential will remain unimplemented
since there are only a few setuid binaries in the system, so a real DoS
attack may be either impossible or cause only tiny harm, such as users being
unable to change their passwords or finger information. Several posters have
already talked here about the need to provide a PoC exploit that will work for
at least 10% of cases before raising an alarm. The security implication of this
bug is in fact theoretical rather than practical. Nobody here has yet said that
this is not a bug to be fixed. The original poster just raised a false alarm
here. That is what I am talking about.
BTW, many setuid root binaries like /bin/su don't even issue setuid(0)
and work under the RUID of the calling user (but they do issue setuid(<UID of
authenticated user>) before executing either a shell or a program as a child),
which means in turn that they can easily be killed in the usual way.
--
Sincerely yours, Dan.
Received on Mon Aug 20 15:07:03 2007
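
The credential rules behind the last paragraph of the message, modelled in C as an added example (not part of the original post and not kernel code). The names `cred`, `exec_setuid`, `model_setuid`, `may_signal`, `caller_can_signal` and the UIDs 1000/1001 are constructed for illustration; the checks follow the documented kill(2) and setuid(2) rules, with euid 0 standing in for the capability checks.

```c
#include <stdbool.h>
#include <stdio.h>

typedef unsigned int uid;
struct cred { uid ruid, euid, suid; };   /* IDs that matter for signals */
enum stage { AFTER_EXEC, AFTER_SETUID_ROOT, AFTER_DROP };

/* exec of a set-user-ID file: the real UID is kept; the effective and
 * saved set-user-IDs become the file owner. */
static struct cred exec_setuid(struct cred c, uid owner) {
    c.euid = owner;
    c.suid = owner;
    return c;
}

/* setuid(2): with euid 0 all three IDs change; otherwise only the
 * effective UID may move to the real or saved ID. false models EPERM. */
static bool model_setuid(struct cred *c, uid u) {
    if (c->euid == 0) { c->ruid = c->euid = c->suid = u; return true; }
    if (u == c->ruid || u == c->suid) { c->euid = u; return true; }
    return false;
}

/* kill(2): the sender's real or effective UID must equal the target's
 * real or saved set-user-ID (euid 0 stands in for CAP_KILL here). */
static bool may_signal(struct cred s, struct cred t) {
    if (s.euid == 0) return true;
    return s.ruid == t.ruid || s.ruid == t.suid ||
           s.euid == t.ruid || s.euid == t.suid;
}

/* May `caller` signal a set-user-ID-root program it started, at a stage? */
static bool caller_can_signal(uid caller, enum stage st, uid drop_to) {
    struct cred user = { caller, caller, caller };
    struct cred prog = exec_setuid(user, 0);
    if (st == AFTER_SETUID_ROOT) model_setuid(&prog, 0);
    if (st == AFTER_DROP) model_setuid(&prog, drop_to);
    return may_signal(user, prog);
}

int main(void) {
    /* Constructed UIDs: 1000 is the caller, 1001 the authenticated user. */
    printf("after exec:      %d\n", caller_can_signal(1000, AFTER_EXEC, 1001));
    printf("after setuid(0): %d\n", caller_can_signal(1000, AFTER_SETUID_ROOT, 1001));
    printf("after drop:      %d\n", caller_can_signal(1000, AFTER_DROP, 1001));
    return 0;
}
```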