Re: Fwd: VSFTPD Remote Heap Overrun (low severity)

[Valdis.Kletnieks () vt edu]

On Mon, 12 Dec 2011 19:19:20 EST, Ramon de C Valle said:

> Actually, this is has no relation with binaries. Transitions are defined per domain in SELinux policy. For additional 
> information, refer to:
> http://danwalsh.livejournal.com/23944.html

Exactly the point - that's how most transitions are done.

However, if you want to start off in an SELinux context that can read locale_t,
open the file, chroot, and then change to another context that can't reade
locale_t, then you're going to need to use setcon() in the process rather than
just letting execcon based transitions letting it happen.  And at that point,
you just bought a hole bunch more headache, because now you need to do setcon()
*securely* rather than just get transitioned into an ftpd_t just by getting
exec'ed.

> > We're lucky nobody has looked into what should happen on an
> > MLS-enabled system :)
> I don't think sensitivity levels would make any difference in this case in the current SELinux MLS policy.

No, but if user A and user B are in different sensitivity levels, it's even
more loads of fun to make sure that the ftpd can get to the proper sensitivity
level for each user via setcon() without botching it.

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/