[6052] in bugtraq
Secure Linux patch
daemon@ATHENA.MIT.EDU (Solar Designer)
Thu Jan 29 12:02:57 1998
Date: Thu, 29 Jan 1998 19:31:39 -0300
Reply-To: Solar Designer <solar@FALSE.COM>
From: Solar Designer <solar@FALSE.COM>
X-To: okir@CALDERA.DE
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19980128110022.18468@ns.lst.de> from "Olaf Kirch" at Jan 28,
98 11:00:22 am
Hello,
> mkdir /tmp/foo (no sticky bit on foo)
> ln /etc/passwd /tmp/foo
> mv /tmp/{foo/,}passwd
Thanks for reporting this. A stupid problem, I should have thought a bit
more of things like this. ;-) I wonder why noone reported it earlier...
I wasn't going to release my new patch right now, but since I would have to
release a fix anyway, ...here goes the full thing.
You can get my new Secure Linux patch at:
http://www.false.com/security/linux/secure-linux.tar.gz
ftp://ftp.dataforce.net/pub/solar/secure-linux.tar.gz
Features:
* Non-executable user stack area
* Link-in-/tmp fix (fixed;-)
* Restricted /proc (extra functionality compared to original route's patch)
* Improved securelevel support (finally really secure, and extra features)
* Unofficial bugfixes (hope I'll be able to remove them when 2.0.34 is out)
Signed,
Solar Designer
