
Re: [tlug] old and obscure problem with the gcc compiler



First off, if anybody can tell me how (on an Ubuntu system) I'm running
a kernel vulnerable to this or not, I'd appreciate it if you'd tell me.
I can't even figure out how to find out what updates have been recently
installed, much less get their descriptions.

On 2009-08-22 09:18 +0900 (Sat), Shawn Brown wrote:

> I guess details are here http://lwn.net/Articles/347006/

Actually, the best details are here:

  http://lwn.net/Articles/341620/

We were earlier discussing what a disaster PAM was, being too complex
for a piece of security software, and how just using PAM by default
could mean that setting 'AllowPasswords no' in one's sshd_config could
mean that you allow password logins anyway.

That was a small example of how more security software can make things
less secure; this is a much bigger and better one, since it allows full
exploit of the system. (Look for Linux boxes to start joining Windows
boxes as spam/DoS zombies any day now.)

In this case, we have a security mechanism that should stop these sorts
of attacks:

    $ cat /proc/sys/vm/mmap_min_addr 
    65536

However, this is a lie in two ways:

    1. If you change the "personality" of the process to System V, it
    immediately maps page zero, even though this setting appears to
    indicate that nobody may do this.

    2. If you decide to decrease your security by installing further
    security modules (such as SELinux), the security modules will
    override that setting.

I've had experience before with apparmor, another module that's supposed
to increase security. It turned my relatively secure bind configuration,
which never ran as root, into something that did run as root, at least
in part, and was dependent on hundreds of lines of configuration being
correct in order to be secure. It would take me a day to properly audit
this. Ouch!

cjs
-- 
Curt Sampson       <cjs@example.com>        +81 90 7737 2974
           Functional programming in all senses of the word:
                   http://www.starling-software.com
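The two practical questions at the top of the mail (is the low-address floor set on this box, and what kernel packages were installed or upgraded recently) can be answered with a read-only check script. The following is an added example, not part of the mail or of any Ubuntu tooling; it assumes the standard paths /proc/sys/vm/mmap_min_addr, /var/log/dpkg.log and securityfs under /sys/kernel/security, and the dpkg log lines it runs on by default are constructed for the demo. It also lists the security modules it can see, because, as the mail points out, a non-zero floor is only the first half of the story: a personality change or an LSM policy can still let a process map page zero.

```shell
#!/bin/sh
# Added example, not from the original mail: a read-only inventory of the
# page-zero protection state on an Ubuntu box. Paths are assumptions
# (/proc/sys/vm/mmap_min_addr, /var/log/dpkg.log, /sys/kernel/security);
# the dpkg log used by default is constructed.

# Print the low-address mapping floor; $1 overrides the sysctl path (used by tests).
read_mmap_min_addr() {
    cat "${1:-/proc/sys/vm/mmap_min_addr}" 2>/dev/null || echo unreadable
}

# Succeed only when $1 is a positive integer, i.e. the kernel refuses to let an
# ordinary process map page zero by itself. 0 or "unreadable" means no floor.
mmap_floor_enabled() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -gt 0 ]
}

# List kernel-package install/upgrade events from a dpkg log ($1).
# dpkg.log lines look like "<date> <time> upgrade <pkg> <old> <new>" and
# "<date> <time> install <pkg> <none> <new>"; the per-package 'status' lines
# are skipped so each event is reported once. Output: date action package version.
recent_kernel_packages() {
    grep -E ' (install|upgrade) linux-(image|headers|restricted)' "$1" |
        awk '{ print $1, $3, $4, $NF }'
}

# Report which security modules look active. Newer kernels publish the list in
# /sys/kernel/security/lsm; older ones only expose per-module directories.
active_lsms() {
    if [ -r /sys/kernel/security/lsm ]; then
        cat /sys/kernel/security/lsm; echo
    else
        [ -d /sys/kernel/security/apparmor ] && echo apparmor
        [ -d /sys/fs/selinux ] && echo selinux
        true
    fi
}

# --- demo: pass a real dpkg log as $1, otherwise a constructed one is used ---
SAMPLE_LOG=$(mktemp)
cat > "$SAMPLE_LOG" <<'EOF'
2009-08-20 10:11:12 install linux-image-2.6.28-15-generic <none> 2.6.28-15.49
2009-08-20 10:11:30 status installed linux-image-2.6.28-15-generic 2.6.28-15.49
2009-08-21 09:00:01 upgrade libc6 2.9-4ubuntu6 2.9-4ubuntu6.1
2009-08-21 09:00:07 upgrade linux-restricted-modules-common 2.6.28.14.15 2.6.28.15.16
EOF
LOG="${1:-$SAMPLE_LOG}"

FLOOR=$(read_mmap_min_addr)
echo "mmap_min_addr: $FLOOR"
if mmap_floor_enabled "$FLOOR"; then
    echo "floor set; still check personality handling and LSM policy (see the mail)"
else
    echo "floor is 0 or unreadable: page zero is mappable by any process"
fi
echo "kernel package events in $LOG:"
recent_kernel_packages "$LOG"
echo "security modules visible:"
active_lsms
rm -f "$SAMPLE_LOG"
```

Run it as `sh check-page-zero.sh /var/log/dpkg.log` to see the real package history; the sysctl and LSM checks always look at the running system. The events it lists are what to compare against the distribution's advisory for the fix, and the module list tells you whether the second caveat in the mail (an LSM overriding the floor) applies to this box at all.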

