mailing list archives
Re: CVE request: oping allows the disclosure of arbitrary file contents
From: Tomas Hoger <thoger () redhat com>
Date: Tue, 17 Nov 2009 20:48:12 +0100
On Mon, 16 Nov 2009 17:39:30 -0500 (EST) Josh Bressers wrote:
Does the RLIMIT_NPROC trick work against oping, or any setuid app
that calls setuid(getuid())?
This should work for everything that calls setuid()
I have a little bit about this here:
My previous web search did find that one. Though set_user() doing
NPROC check is only called when new uid differs from current real uid
(so not called in setuid(getuid()) case).
Tomas Hoger / Red Hat Security Response Team
Re: CVE request: oping allows the disclosure of arbitrary file contents Tomas Hoger (Nov 16)
- Re: CVE request: oping allows the disclosure of arbitrary file contents, (continued)