Re: cron exploit?

["Steve Bremer" <steveb () nebcoinc com>]

> so all those
> nice little local buffer and heap overflows (and other potential
> privilege escalation ilk) are less dangerous than they would otherwise
> be.

Have you also considered trying the grsecurity kernel patch?  I've 
found it to be quite stable in my testing as long as you don't chose 
the experimental options (e.g. KERNEXEC).  It provides some 
protection against stack and heap overflows, return into libc 
exploits, and temporary file handling issues.  It actually has a 
complete MAC system built in if you want to use it.  There are also a 
bunch of other protection enhancing features available that I won't 
go into here.  

I recommend grsecurity for boxes that have local users since it 
provides a lot additional protections if you can afford the small 
performance hit.

www.grsecurity.org

Steve Bremer
NEBCO, Inc.
System & Security Administrator

---------------------------------------------------------------------------
----------------------------------------------------------------------------