On Tue, 15 Oct 2013 09:38:48 +1100 Ryan Mallon wrote:
> Some setuid binaries will allow reading of files which have read
> permission by the real user id. This is problematic with files which
> use %pK because the file access permission is checked at open() time,
> but the kptr_restrict setting i
On Tue, 2013-10-15 at 09:38 +1100, Ryan Mallon wrote:
> This is a temporary solution only, but fixes a minor security hole when
> kptr_restrict=1. I am working to fix this properly, but there is still
> some discussion around how to achieve this, see here:
Glad you changed your mind.
--
To unsub
Some setuid binaries will allow reading of files which have read
permission by the real user id. This is problematic with files which
use %pK because the file access permission is checked at open() time,
but the kptr_restrict setting is checked at read() time. If a setuid
binary opens a %pK file as
3 matches
Mail list logo
