
Full Disclosure mailing list archives
Re: Fwd: VSFTPD Remote Heap Overrun (low severity)
From: Valdis.Kletnieks () vt edu
Date: Mon, 12 Dec 2011 20:40:43 -0500
On Mon, 12 Dec 2011 19:19:20 EST, Ramon de C Valle said:
Actually, this is has no relation with binaries. Transitions are defined per domain in SELinux policy. For additional information, refer to: http://danwalsh.livejournal.com/23944.html
Exactly the point - that's how most transitions are done. However, if you want to start off in an SELinux context that can read locale_t, open the file, chroot, and then change to another context that can't reade locale_t, then you're going to need to use setcon() in the process rather than just letting execcon based transitions letting it happen. And at that point, you just bought a hole bunch more headache, because now you need to do setcon() *securely* rather than just get transitioned into an ftpd_t just by getting exec'ed.
We're lucky nobody has looked into what should happen on an MLS-enabled system :)I don't think sensitivity levels would make any difference in this case in the current SELinux MLS policy.
No, but if user A and user B are in different sensitivity levels, it's even more loads of fun to make sure that the ftpd can get to the proper sensitivity level for each user via setcon() without botching it.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity), (continued)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) lists (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Valdis . Kletnieks (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 12)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Daniel J Walsh (Dec 13)
- Re: Fwd: VSFTPD Remote Heap Overrun (low severity) Ramon de C Valle (Dec 13)