oss-sec mailing list archives

Re: Access to /dev/pts devices via pt_chown and user namespaces

From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Tue, 23 Feb 2016 21:55:58 -0800

On 02/23/16 09:27 PM, halfdog wrote:

That is nice, that this was done already for OWL. Is there a checklist
or perhaps even a tool, that can be run, to detect, which weak
programs, compile time settings or runtime settings might be applied
to a given Linux setup?


Something like OpenSCAP perhaps?

https://www.open-scap.org/

--
        -Alan Coopersmith-              alan.coopersmith () oracle com
         Oracle Solaris Engineering - http://blogs.oracle.com/alanc

Current thread:

Access to /dev/pts devices via pt_chown and user namespaces halfdog (Feb 23)
- Re: Access to /dev/pts devices via pt_chown and user namespaces Solar Designer (Feb 23)
  - Re: Access to /dev/pts devices via pt_chown and user namespaces Dmitry V. Levin (Feb 23)
    - Re: Access to /dev/pts devices via pt_chown and user namespaces halfdog (Feb 23)
    - Re: Access to /dev/pts devices via pt_chown and user namespaces Simon McVittie (Feb 23)
    - Re: Access to /dev/pts devices via pt_chown and user namespaces Dmitry V. Levin (Feb 24)
    - Re: Access to /dev/pts devices via pt_chown and user namespaces Serge Hallyn (Feb 24)
    - Re: Access to /dev/pts devices via pt_chown and user namespaces Jakub Wilk (Feb 27)
  - Re: Access to /dev/pts devices via pt_chown and user namespaces halfdog (Feb 23)
    - Re: Access to /dev/pts devices via pt_chown and user namespaces Alan Coopersmith (Feb 23)
- pt_chown timeline, CVE request [was: Access to /dev/pts devices via pt_chown and user namespaces] Jann Horn (Feb 28)
  - Re: pt_chown timeline, CVE request [was: Access to /dev/pts devices via pt_chown and user namespaces] Aurelien Jarno (Feb 28)
- Re: Access to /dev/pts devices via pt_chown and user namespaces cve-assign (Mar 06)