FreeBSD.se
Upcoming FreeBSD Security Advisory
Tuesday, December 01 2009 @ 08:02 AM CET
Contributed by: Nixx
Views: 1,543
A local root exploit was recently published on a mailing list. Because of this, the FreeBSD Security Officer is releasing a patch before the Security Advisory (SA) is fully finished, which is very unusual.

The next SA is expected to be finished tomorrow, Wednesday, but if you have an untrusted local environment you should apply the patch now, with the caveat that the patch may be unfinished, incorrect or buggy and that the final version of the patch will only arrive together with the SA. At your own risk, in other words...

Hi all,

A short time ago a "local root" exploit was posted to the full-disclosure
mailing list; as the name suggests, this allows a local user to execute
arbitrary code as root.

Normally it is the policy of the FreeBSD Security Team to not publicly
discuss security issues until an advisory is ready, but in this case
since exploit code is already widely available I want to make a patch
available ASAP. Due to the short timeline, it is possible that this
patch will not be the final version which is provided when an advisory
is sent out; it is even possible (although highly doubtful) that this
patch does not fully fix the issue or introduces new issues -- in short,
use at your own risk (even more than usual).

The patch is at
http://people.freebsd.org/~cperciva/rtld.patch
and has SHA256 hash
ffcba0c20335dd83e9ac0d0e920faf5b4aedf366ee5a41f548b95027e3b770c1

I expect a full security advisory concerning this issue will go out on
Wednesday December 2nd.

-- 
Colin Percival
Security Officer, FreeBSD
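The announcement above publishes a SHA256 for the patch so that the file actually fetched can be checked before it is applied. The following script is an added example, not code from the announcement or from FreeBSD; it assumes either FreeBSD's sha256(1) or GNU sha256sum is installed and uses the URL and hash exactly as Percival posted them.

```shell
#!/bin/sh
# Added example: refuse to apply a downloaded patch unless its SHA256 matches
# the digest published in the announcement. Assumes sha256(1) (FreeBSD) or
# sha256sum (GNU coreutils) is available.

# sha256_of FILE: print the SHA256 of FILE as lowercase hex, using whichever
# tool this system provides.
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    else
        sha256sum "$1" | cut -d' ' -f1
    fi
}

# verify_sha256 FILE EXPECTED: return 0 when the digest matches, 1 otherwise.
# Published hashes are sometimes uppercased, so compare case-insensitively.
verify_sha256() {
    actual=$(sha256_of "$1") || return 1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ]
}

# Usage with the URL and hash from the announcement (the patch(1) strip level
# is an assumption; check the diff headers before applying):
#   fetch http://people.freebsd.org/~cperciva/rtld.patch
#   verify_sha256 rtld.patch \
#       ffcba0c20335dd83e9ac0d0e920faf5b4aedf366ee5a41f548b95027e3b770c1 \
#     || { echo "rtld.patch: SHA256 mismatch, not applying" >&2; exit 1; }
```

A mismatch means the file you hold is not the one the Security Officer signed off on (a truncated download, a mirror serving an older revision, or tampering); the script stops there rather than handing the file to patch(1).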

Upcoming FreeBSD Security Advisory
Authored by: Nixx on Tuesday, December 01 2009 @ 09:32 AM CET
Just to ease others' lives: for 7.1 (and 7.0, but it seems to be at EoL
now, so there is already no support for it), one should use another patch:
-----
http://codelabs.ru/fbsd/patches/vulns/freebsd-7.0-rtld-unsetenv.diff

SHA256 (freebsd-7.0-rtld-unsetenv.diff) = e5ebbea24073bf644d3bc0c1ba37674a387af656b4c7e583a564a83598930897
SHA1 (freebsd-7.0-rtld-unsetenv.diff) = 24a79be52be0ea00ed0ea279f25efbf597f9c850
-----
Actually, every system that has rtld.c with r190323 or lower should
use this variant -- clearing of LD_ELF_HINTS_PATH was introduced only
in r190324.


By the way, if people are using NO_DYNAMIC_ROOT and all setuid
executables come from the system itself (no sudo and other stuff from
ports or manual installations), such a system is obviously safe from this
issue -- no dynamic loading takes place. I don't mean that people with
such systems shouldn't upgrade, but they probably can do it with the least
urgency.

---
"Any society that would give up a little liberty to gain a little security will deserve neither and lose both." - Benjamin Franklin
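The comment above argues that the issue only reaches a system through setuid executables that are dynamically linked, so the practical question for an administrator is which setuid binaries on a given host go through rtld at all. The script below is an added example, not code from the commenter or from FreeBSD; it assumes file(1) is installed and that it reports ELF binaries as "dynamically linked" or "statically linked".

```shell
#!/bin/sh
# Added example: inventory setuid/setgid executables under a root directory
# and flag the ones that are dynamically linked (i.e. loaded via rtld).
# Assumes file(1) is available; without it everything reports as unknown.

# list_setuid ROOT: print every regular file under ROOT (same filesystem)
# with the setuid or setgid bit set, one path per line.
list_setuid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# is_dynamic FILE: return 0 if file(1) identifies FILE as dynamically linked,
# 1 otherwise (also 1 when file(1) is missing or FILE is not ELF).
is_dynamic() {
    file "$1" 2>/dev/null | grep -q 'dynamically linked'
}

# report ROOT: one line per setuid/setgid file, "dynamic" or "static-or-unknown"
# followed by a tab and the path. Entries under /usr/local (ports) are the
# ones the comment singles out as outside the base system.
report() {
    list_setuid "$1" | while read -r f; do
        if is_dynamic "$f"; then kind=dynamic; else kind=static-or-unknown; fi
        printf '%s\t%s\n' "$kind" "$f"
    done
}

# count_dynamic_setuid ROOT: number of setuid/setgid files that involve rtld.
count_dynamic_setuid() {
    report "$1" | awk -F'\t' '$1 == "dynamic" { n++ } END { print n + 0 }'
}

# Usage (as root, on the host being assessed):
#   report / | sort
#   count_dynamic_setuid /
```

A count of zero on a NO_DYNAMIC_ROOT system confirms the commenter's reasoning for that host; any "dynamic" line, in particular one under /usr/local, is a binary that should be weighed when deciding how urgently to patch.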
