Hi Scott, > According to the Red Hat bugzilla page > (https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13), > they claim that EL5 and EL6 are not vulnerable because > /proc/self/mem isn't writable by default.
According to German IT magazine heise.de this "default configuration" implies SELinux. Meaning: An SELinux rule protects /proc/self/mem against writing in the default RHEL configuration. As OpenVZ requires SELinux to be set to "disabled" we don't seem to have that luxury. Source (in German language): http://www.heise.de/newsticker/meldung/Dirty-Cow-Linux-Rechteausweitung-wird-fuer-Angriffe-missbraucht-3356639.html -- With best regards, Michael Stauber _______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users
