Re: Glibc vulnerability . . . implications for LFS?

2010-10-24 Thread Bruce Dubbs
Bryan Kadzban wrote:
> Ah, I think I see. You have to put libbad.so into /lib64 (emulating
> libpcprofile), then set LD_AUDIT to just "libbad.so.0", with no path.
> At that point it works as expected (at least for me). (Though this is a
> multilib setup. But ping is 64-bit; on a single-bit-widt

Re: Glibc vulnerability . . . implications for LFS?

2010-10-24 Thread Bryan Kadzban
d ping
>>
>> Whereas if your glibc is not broken (2.10.1 is not... :-) ), it
>> will only print the ping usage.
>
> I tried this on a freshly built LFS-20101024 but couldn't reproduce
> the problem. As a non-root user I get just the ping usage message.
> As the root

Re: Glibc vulnerability . . . implications for LFS?

2010-10-24 Thread Matthew Burgess
On Sun, 24 Oct 2010 16:32:48 -0600, Matthew Burgess wrote:
> It'll be a while until I run another full build, but I'm recompiling glibc
> now, with the patch I uploaded earlier. I'll post results tomorrow, but
> expect it to work just fine.

Well, it didn't appear to fix the vulnerability here,

Re: Glibc vulnerability . . . implications for LFS?

2010-10-24 Thread Matthew Burgess
:-) ), it will
> only print the ping usage.

I tried this on a freshly built LFS-20101024 but couldn't reproduce the problem. As a non-root user I get just the ping usage message. As the root user, I get:

ERROR: ld.so: object '/tmp/libbad.so.0' cannot be loaded as audit interf

Re: Glibc vulnerability . . . implications for LFS?

2010-10-24 Thread Bryan Kadzban
Matthew Burgess wrote:
> Quoting from the vulnerability description above:
>
> "This security issue allows a local attacker to gain root if they can
> create a hard link to a setuid root binary."
>
> So, on your system, is that possible?

That's actually not the only exploit vector. See the fol

Re: Glibc vulnerability . . . implications for LFS?

2010-10-24 Thread Matthew Burgess
On Sun, 24 Oct 2010 9:59:25 -0600, Matthew Burgess wrote:
> On Sun, 24 Oct 2010 11:38:27 -0400, Drew Ames wrote:
>
>> 1) Is it worth downloading and using the development version of Glibc
>> from git://sourceware.org/git/glibc.git to build LFS with the updated
>> source?
>
> I wouldn't be keen

Re: Glibc vulnerability . . . implications for LFS?

2010-10-24 Thread Matthew Burgess
On Sun, 24 Oct 2010 11:38:27 -0400, Drew Ames wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi all,
>
> Here's an interesting security update from Slackware that gives some
> information on a recent vulnerability exposed in Glibc:
>
> glibc-2.11.1-i486-4_slack13.1.txz: Rebuilt.
>

Glibc vulnerability . . . implications for LFS?

2010-10-24 Thread Drew Ames
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi all,

Here's an interesting security update from Slackware that gives some information on a recent vulnerability exposed in Glibc:

glibc-2.11.1-i486-4_slack13.1.txz: Rebuilt.
Patched "dynamic linker expands $ORIGIN in setuid library search p