Glock Talk

Glock Talk (http://glocktalk.com/forums/index.php)
-   Tech Talk (http://glocktalk.com/forums/forumdisplay.php?f=86)
-   -   "Longstanding Root Access Vulnerability" Say it Ain't So! (http://glocktalk.com/forums/showthread.php?t=1487106)

Pierre! 05-15-2013 12:05

"Longstanding Root Access Vulnerability" Say it Ain't So!
 
Found this to be a very interesting article...

Critical Linux vulnerability imperils users, even after “silent” fix

I better check my linux forrest for patches!

Patch them linux boxes!!! :cool:

Detectorist 05-15-2013 20:30

Quote:

Originally Posted by Pierre! (Post 20294232)
Found this to be a very interesting article...

Critical Linux vulnerability imperils users, even after “silent” fix

I better check my linux forrest for patches!

Patch them linux boxes!!! :cool:

No operating system is perfect. The bad guys have a huge incentive to find ways in.

Pierre! 05-16-2013 19:16

Quote:

Originally Posted by Detectorist (Post 20295362)
No operating system is perfect. The bad guys have a huge incentive to find ways in.

Yes, this we know... Just odd to find out that such a "hardened" OS would be this vulnerable.

Linux3 05-16-2013 20:47

Sigh...
This is only true if;
1) It is a local user compiling the hack. Doesn't work over a network. As a Senior Network Admin I never, never give local users the rights to compile on their systems much less a server. Dah!!!

AND

2) If you have compiled a kernel using the 'PERF_EVENTS' option. Rare, very rare.

Just point me to ONE system in the wild that actually has been cracked by this.

You Windows people just can't accept that you have a bad O.S. that you have to blow up such non-events as this.

Get real, potential for cracks is not the same as the 100's of million Windows systems that make up the bot'nets of the internet.

Pierre! 05-18-2013 20:56

hey, Hey, HEY...

I was simply drinkin the 'ARS Technica' Koolaid...

Thanks for the education anyway... (LOL)

L8ter...

harrygunner 05-19-2013 19:24

Interestingly, all the Redhat Enterprise 6 clones (CentOS and Scientific Linux) we run have PERF_EVENTS selected in kernels. Fortunately, our servers provide services and not set up for users.

The thing I like about Linux is how quickly a fix shows up. One could either patch and rebuild their kernel or upgrade to a patched kernel within days of this coming to light. The May 16 RHEL 6 kernels '2.6.32-279.22.1.el6.x86_64' are patched.

This laptop is running kernel 3.9.2 that came out May 11 and it's patched.

This one was easy to patch, but difficult to stop with the usual precautions. For example, if the exploit could be written in Perl, a non-root user could run 'perl expliot.pl' in a /home directory that is mounted 'noexec'. SELinux would not have stopped it either.

It's better to have lots of eyes looking at openly available source code. That actually makes it harder for exploits to exist for long.

Linux is not perfect, but I prefer it a thousand times over Windows.

Edited to add: This one may not have been "long standing". It was back-migrated to older kernels. That gave the appearance it has been around since the introduction of those older kernels. So, while the potential existed, new kernels were patched within days of the existence of a practical exploit.

WiskyT 05-20-2013 18:13

http://lostandtired.com/wp-content/u...id-boy-31.jpeg


All times are GMT -6. The time now is 06:59.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Copyright ©2013, Glock Talk, All Rights Reserved.