yeah noexec /tmp is nice
cat /tmp/shellscript | bash
same with executables
It is good against level0 kiddies and bots

On Tue, Dec 1, 2009 at 4:28 AM, Bryan Drewery <br...@xzibition.com> wrote:

> Colin,
>
> Thank you so much for alerting us and providing a temporary patch. I had
> a user attempt to use the public exploit today, but due to /tmp being
> noexec, it failed. Luckily I caught him before he modified the script to
> work though. Now I am patched and can sleep tonight :)
>
> Thanks,
> Bryan
>
> FreeBSD Security Officer wrote:
> > Hi all,
> >
> > A short time ago a "local root" exploit was posted to the full-disclosure
> > mailing list; as the name suggests, this allows a local user to execute
> > arbitrary code as root.
> >
> > Normally it is the policy of the FreeBSD Security Team to not publicly
> > discuss security issues until an advisory is ready, but in this case
> > since exploit code is already widely available I want to make a patch
> > available ASAP. Due to the short timeline, it is possible that this
> > patch will not be the final version which is provided when an advisory
> > is sent out; it is even possible (although highly doubtful) that this
> > patch does not fully fix the issue or introduces new issues -- in short,
> > use at your own risk (even more than usual).
> >
> > The patch is at
> > http://people.freebsd.org/~cperciva/rtld.patch
> > and has SHA256 hash
> > ffcba0c20335dd83e9ac0d0e920faf5b4aedf366ee5a41f548b95027e3b770c1
> >
> > I expect a full security advisory concerning this issue will go out on
> > Wednesday December 2nd.
>
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"

--
the sun shines for all
http://l1xl1x.blogspot.com
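
An added example, not part of the original thread: a shell function that audits FreeBSD `mount` output for the noexec /tmp hardening discussed above. The watched directories and the sample mount lines are assumptions constructed for illustration; as the reply notes, noexec does not stop a script being fed to an interpreter, so this checks one hardening layer and does not replace the patch.

```shell
#!/bin/sh
# Added example: report whether world-writable mount points carry
# noexec/nosuid. Not code from the FreeBSD project or the thread authors.

# Assumption: the world-writable directories worth watching on this host.
WATCH_DIRS="/tmp /var/tmp"

# Constructed sample in the format printed by FreeBSD mount(8) with no args.
SAMPLE_MOUNT='/dev/ada0p2 on / (ufs, local, soft-updates)
devfs on /dev (devfs, local, multilabel)
/dev/ada0p4 on /tmp (ufs, local, noexec, nosuid, soft-updates)
/dev/ada0p5 on /var (ufs, local, soft-updates)'

# audit_mounts: reads mount output on stdin and prints one line per watched
# directory: "<dir> ok", "<dir> missing:<opts>", or
# "<dir> not-a-separate-mount" (it then inherits the parent's options).
audit_mounts() {
    awk -v watch="$WATCH_DIRS" '
    BEGIN { n = split(watch, w, " "); for (i = 1; i <= n; i++) want[w[i]] = 1 }
    # Line format: <device> on <mountpoint> (<fstype>, <opt>, <opt>, ...)
    $2 == "on" && ($3 in want) {
        opts = $0
        sub(/^[^(]*\(/, "", opts)    # drop everything up to "("
        sub(/\).*$/, "", opts)       # drop ")" and anything after it
        m = split(opts, o, /, */)
        noexec = 0; nosuid = 0
        for (i = 1; i <= m; i++) {
            if (o[i] == "noexec") noexec = 1
            if (o[i] == "nosuid") nosuid = 1
        }
        miss = ""
        if (!noexec) miss = "noexec"
        if (!nosuid) miss = (miss == "" ? "nosuid" : miss ",nosuid")
        print $3, (miss == "" ? "ok" : "missing:" miss)
        seen[$3] = 1
    }
    END {
        # Watched directories that never appeared as their own mount point.
        for (i = 1; i <= n; i++)
            if (!(w[i] in seen)) print w[i], "not-a-separate-mount"
    }'
}

# Stand-alone run on the constructed sample.
printf '%s\n' "$SAMPLE_MOUNT" | audit_mounts
```

On a live host, pipe the real table in with `mount | audit_mounts`.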