On 10/29/2016 03:18 AM, J Mo wrote: > > On 10/28/2016 11:39 AM, yanosz wrote: >> 1. I'm unhappy with the state of OpenWRT at the moment. I see some >> trouble in building and releasing. The current code base has some bugs. >> I'ven't seen a fix for "mad cow" yet. For me it is hard to estimate >> whether OpenWRT is able to include, build and release critical patches >> over the next months in a timely fashion. > > My impression is that CVE-2016-5195 (also known by it's marketing name > for low-intellect individuals as "dirty COW") is mostly a non-issue on > OpenWRT/LEDE. This is why you have not heard much about a response for it. > > The exploit is a privilege escalation. However, almost everything on a > standard LEDE/OpenWRT system already runs as root anyway, since these > kinds of systems are not designed for multi-user scenarios. >
Uhm, I think you are wrong. In OpenWRT/LEDE applications that don't need root access are run as unprivileged users for security reasons, so yes, a privilege escalation is BAD also for OpenWRT/LEDE. root@lede:/# cat /etc/passwd root:x:0:0:root:/root:/bin/ash daemon:*:1:1:daemon:/var:/bin/false ftp:*:55:55:ftp:/home/ftp:/bin/false network:*:101:101:network:/var:/bin/false nobody:*:65534:65534:nobody:/var:/bin/false dnsmasq:x:453:453:dnsmasq:/var/run/dnsmasq:/bin/false And for LEDE the answer to the vulnerability was "finish the porting to latest kernel 4.4 for all devices ASAP as that kernel is a LTS kernel so it received the fix upstream, and apply patches to other kernels", see these mailing list posts: http://lists.infradead.org/pipermail/lede-dev/2016-October/003579.html http://lists.infradead.org/pipermail/lede-dev/2016-October/003580.html So current LEDE is already protected, I don't know if this stuff also ends in OpenWRT. -Alberto _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
