[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RE : [cobalt-security] ptrace local root exploit
- Subject: Re: RE : [cobalt-security] ptrace local root exploit
- From: Moritz Julian Ehlenz <mjehlenz@xxxxxxxxxx>
- Date: Tue, 25 Mar 2003 21:31:58 +0100
- Organization: M2Soft GmbH
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Michael Stauber schrieb:
The initial advisory mentioned disabling the ability to load kernel modules as
a work around. However, I'm not sure if LCAP will sufficiently secure a box
against the ptrace-bug. I haven't yet found a ptrace exploit to test it out.
Blocking ptrace stops all those I got my hands on from working. I can't
say anything about LCAPs abilities though.
Cu, Moritz