Bugtraq mailing list archives

Re: OpenBSD 2.9,2.8 local root compromise
From: Peter van Dijk <peter () dataloss nl>
Date: Sat, 16 Jun 2001 12:00:54 +0200

On Fri, Jun 15, 2001 at 11:27:23AM -0400, Tony Lambiris wrote:
> AFAIK it's been fixed in -current, and it _will_ be in errata shortly..
> in the meantime, there is a hotfix for the code itself, read the mailing
> lists.. OR
>
> in /etc/fstab, make /tmp nosuid and noexec, then mount -u /tmp (you did
> make tmp a separate partition.. didn't you?)

There are about 1000 other places on a machine people can stick the
file to be executed. The actual problem is not tmp-related, the
provided exploit just happens to use /tmp.

Making /tmp nosuid and noexec will only stop the kiddos that are too
stupid to change the exploit to work on such machines.

Greetz, Peter
Against Free Sex!   http://www.dataloss.nl/Megahard_en.html
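
Added example, not part of the original message or of OpenBSD: a small audit showing why flags on /tmp alone cover only one filesystem, by listing every fstab entry that still lacks nosuid and/or noexec. The fstab contents are a constructed sample and the function names sample_fstab and audit_fstab are hypothetical.

```shell
#!/bin/sh
# Added example: report fstab entries that still permit setuid or exec.

# Constructed sample in the six-field fstab layout (not taken from the post).
sample_fstab() {
cat <<'EOF'
# device   mountpoint  type  options                  dump pass
/dev/wd0a  /           ffs   rw                       1 1
/dev/wd0d  /tmp        ffs   rw,nodev,nosuid,noexec   1 2
/dev/wd0e  /var        ffs   rw,nodev,nosuid          1 2
/dev/wd0f  /home       ffs   rw,nodev                 1 2
/dev/wd0b  none        swap  sw                       0 0
EOF
}

# audit_fstab: read fstab on stdin and print "<mountpoint> <missing options>"
# for every filesystem whose option list lacks nosuid and/or noexec.
audit_fstab() {
    awk '
        /^[ \t]*#/ || NF < 4 { next }           # comments, blank or short lines
        $3 == "swap" || $2 == "none" { next }   # not part of the file tree
        {
            n = split($4, opts, ",")
            suid_ok = 1; exec_ok = 1
            for (i = 1; i <= n; i++) {
                if (opts[i] == "nosuid") suid_ok = 0
                if (opts[i] == "noexec") exec_ok = 0
            }
            missing = ""
            if (suid_ok) missing = "nosuid"
            if (exec_ok) missing = (missing == "" ? "noexec" : missing ",noexec")
            if (missing != "") print $2, missing
        }
    '
}

# Run against the constructed sample; use "audit_fstab < /etc/fstab" on a host.
sample_fstab | audit_fstab
```

Filesystems that hold system binaries cannot take noexec, so a non-empty report is expected; it shows how much of the tree the /tmp workaround leaves untouched, which is why the code fix is the real remedy.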
