[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
- Subject: Re: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Wed, 18 Dec 2002 11:32:28 +0100
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> > Implication: Well, don't allow shell access to your servers and if you
> > do, then make sure that people can't compile code on the server.
>
> well, that goes without saying. what about cgi though?
With cgi you'd still need to compile the code on the server - or you'd have to
bring it aboard pre-compiled on a matching architecture. There are always
ways <shrug>.
> did you try the patch, btw?
No, I didn't test it as I haven't built a custom kernel on a RaQ for quite
some time. The approach of plugging the vulnerability with a loadable kernel
module looks interesting, though.
--
With best regards,
Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer