Comments on: Old news – Linux local root vulnerability http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/ A blog for IT Admins who do everything by an IT Admin who does everything Tue, 07 Sep 2010 20:41:25 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Matt Simmons http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/comment-page-1/#comment-3207 Matt Simmons Wed, 19 Aug 2009 15:07:08 +0000 http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/#comment-3207 @Mike Good link, thanks! @Mike

Good link, thanks!

]]> By: mike http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/comment-page-1/#comment-3206 mike Wed, 19 Aug 2009 15:00:22 +0000 http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/#comment-3206 mmap_min_addr can be simple to bypass in many circumstances. Brad Spengler's full disclosure of this is here: http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/69537 mmap_min_addr can be simple to bypass in many circumstances. Brad Spengler’s full disclosure of this is here: http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/69537

]]> By: anonymouscoward http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/comment-page-1/#comment-3204 anonymouscoward Tue, 18 Aug 2009 17:31:49 +0000 http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/#comment-3204 Nope, not activated at all in kernel. Nope, not activated at all in kernel.

]]> By: Matt Simmons http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/comment-page-1/#comment-3203 Matt Simmons Tue, 18 Aug 2009 15:29:45 +0000 http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/#comment-3203 Weird. I don't know, then. From everything I've read, you should be able to create it by echoing a number to the file. Do you have SELinux enabled? I've also read that it prevents the altering of that setting, which may have the side-effect of removing the file from proc. ~$ /usr/sbin/sestatus SELinux status: disabled on mine, anyway. Weird. I don’t know, then. From everything I’ve read, you should be able to create it by echoing a number to the file.

Do you have SELinux enabled? I’ve also read that it prevents the altering of that setting, which may have the side-effect of removing the file from proc.

~$ /usr/sbin/sestatus
SELinux status: disabled

on mine, anyway.

]]> By: anonymouscoward http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/comment-page-1/#comment-3202 anonymouscoward Tue, 18 Aug 2009 15:21:21 +0000 http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/#comment-3202 Actually it does :) # cat /proc/sys/vm/swappiness 60 2.6.28 x86_64 Actually it does :)
# cat /proc/sys/vm/swappiness
60

2.6.28 x86_64

]]> By: Matt Simmons http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/comment-page-1/#comment-3201 Matt Simmons Tue, 18 Aug 2009 14:31:59 +0000 http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/#comment-3201 Hrm....then your kernel doesn't support procfs? ;-) You should upgrade when the patch comes out! Hrm….then your kernel doesn’t support procfs? ;-)

You should upgrade when the patch comes out!

]]> By: anonymouscoward http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/comment-page-1/#comment-3200 anonymouscoward Tue, 18 Aug 2009 14:21:45 +0000 http://www.standalone-sysadmin.com/blog/2009/08/old-news-linux-local-root-vulnerability/#comment-3200 ..and if it says cat: /proc/sys/vm/mmap_min_addr: No such file or directory ?:) ..and if it says
cat: /proc/sys/vm/mmap_min_addr: No such file or directory
?:)

]]>