oss-sec mailing list archives
Re: Firejail local root exploit
From: KellerFuchs <KellerFuchs () hashbang sh>
Date: Wed, 4 Jan 2017 23:42:21 +0000
On Wed, Jan 04, 2017 at 02:12:48PM +0100, Sebastian Krahmer wrote:
Hi Please find attached PoC for firejail, which seems to be quite popular sandboxing tool. Sebastian
Hi Sebastian, Thanks a lot for discovering this issue. For information: - this specific issue can be mitigated by setting `x11 no` in `/etc/firejail/firejail.config`, as in https://github.com/hashbang/shell-etc/pull/133 - the initial fix commited by netblues (firejail's dev) is racy: https://github.com/netblue30/firejail/commit/60d4b478f65c60bcc825bb56f85fd6c4fd48b250#commitcomment-20366636 Best, Keller Fuchs
Current thread:
- Re: Re: Firejail local root exploit, (continued)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 08)
- Re: Re: Firejail local root exploit Simon McVittie (Jan 08)
- Re: Re: Firejail local root exploit Brad Spengler (Jan 08)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 08)
- Re: Re: Firejail local root exploit Lizzie Dixon (Jan 06)
- Re: Firejail local root exploit cve-assign (Jan 07)
- Re: Re: Firejail local root exploit Martin Carpenter (Jan 07)
- Re: Firejail local root exploit cve-assign (Jan 07)
- Re: Firejail local root exploit cve-assign (Jan 06)
- Re: Re: Firejail local root exploit Thomas Deutschmann (Jan 31)