Bugtraq mailing list archives
Secure Linux patch
From: solar () FALSE COM (Solar Designer)
Date: Thu, 29 Jan 1998 19:31:39 -0300
Hello,
mkdir /tmp/foo (no sticky bit on foo)
ln /etc/passwd /tmp/foo
mv /tmp/{foo/,}passwd
Thanks for reporting this. A stupid problem, I should have thought a bit more of things like this. ;-) I wonder why no one reported it earlier...

I wasn't going to release my new patch right now, but since I would have to release a fix anyway, ...here goes the full thing.

You can get my new Secure Linux patch at:

http://www.false.com/security/linux/secure-linux.tar.gz
ftp://ftp.dataforce.net/pub/solar/secure-linux.tar.gz

Features:

* Non-executable user stack area
* Link-in-/tmp fix (fixed;-)
* Restricted /proc (extra functionality compared to original route's patch)
* Improved securelevel support (finally really secure, and extra features)
* Unofficial bugfixes (hope I'll be able to remove them when 2.0.34 is out)

Signed,
Solar Designer