Slashdot Mirror


Linux Kernel 2.6 Local Root Exploit

aquatix writes "This local root exploit (Debian, Ubuntu) seems to work everywhere I try it, as long as it's a Linux kernel version 2.6.17 to 2.6.24.1. If you don't trust your users (which you shouldn't), better compile a new kernel without vmsplice." Here is millw0rm's proof-of-concept code.
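As an added example (not code from the Slashdot submission, from aquatix, or from the exploit author), the following POSIX shell script does the triage step a defender would want after reading the summary: it tells you whether a kernel release string falls inside the range the summary names as affected, 2.6.17 through 2.6.24.1. Distribution release strings carry suffixes such as "-19-generic", so only the numeric dotted prefix is compared. The function names and the sample release strings are my own.

```shell
#!/bin/sh
# Added example, not from the original post: check a kernel release string
# against the version range the summary gives as affected (2.6.17 .. 2.6.24.1).

AFFECTED_LOW=2.6.17
AFFECTED_HIGH=2.6.24.1

# Strip a distro suffix: "2.6.24-19-generic" -> "2.6.24". Prints nothing if
# the string does not start with a dotted number.
kernel_numeric() {
    printf '%s\n' "$1" | sed -n 's/^\([0-9][0-9.]*\).*/\1/p'
}

# Compare two dotted versions component by component; missing components
# count as 0, so 2.6.24 sorts below 2.6.24.1. Prints -1, 0 or 1.
vercmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) { print "-1"; exit }
            if (xi > yi) { print "1"; exit }
        }
        print "0"
    }'
}

# Exit status 0 when the release is inside the affected range, 1 when it is
# outside, 2 when the string could not be parsed at all.
kernel_in_affected_range() {
    v=$(kernel_numeric "$1")
    [ -n "$v" ] || return 2
    [ "$(vercmp "$v" "$AFFECTED_LOW")" -ge 0 ] &&
        [ "$(vercmp "$v" "$AFFECTED_HIGH")" -le 0 ]
}

# Usage: ./check_vmsplice_range.sh [release]   (defaults to the running kernel)
report() {
    rel=${1:-$(uname -r)}
    if kernel_in_affected_range "$rel"; then
        echo "$rel: inside 2.6.17..2.6.24.1; check the distro changelog for a vmsplice fix"
    else
        echo "$rel: outside the affected range"
    fi
}

report "$@"
```

A version-range match is only a hint to look further, not a verdict: Debian and Ubuntu backport security fixes into stock kernels without changing the upstream version number, so a 2.6.24 release string can belong to a patched package. The package changelog (or the distribution's security advisory) is what actually settles it.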

4 of 586 comments

  1. Re:Before the inevitable occurs: by RonnyJ · Score: 5, Insightful

    The difference is that we know about this hole, and can now fix it
    We know about it now, but how long have some other people known about it? There's this quote from the code:

    This is quite old code and I had to rewrite it to even compile.

  2. Re:Misleading by Anonymous Coward · Score: 5, Insightful

    The average home user that's not willing to put in the effort to compile a new kernel is the home user that doesn't have anyone but either themselves, or people with physical access to the machine using it.

    If the only people that have accounts on the machine have physical access to it, this exploit is a lot more work than just opening the box...

  3. Re:Misleading by Kjella · Score: 5, Insightful

    You've got to be kidding me, right? Like every sysadmin out there is supposed to know about every feature he doesn't use? Most of the time if you compile out something you'll end up breaking something you do want because you don't understand the internal kernel dependencies or what this really means in terms of functionality. Don't forget I now expect you on duty 24/7 to compile new kernels whenever there's a kernel patch available, particularly when you're sick and/or on vacation and whoever is filling in for you only knows apt-get/yum/whatever. Anyone that spent that much time on managing a Linux server would probably be fired because he'd be less efficient than a Windows server and an MCSE.

    --
    Live today, because you never know what tomorrow brings
  4. Re:Misleading by kitgerrits · Score: 5, Insightful

    You know, I haven't built my own kernel since 'make menuconfig' was the most advanced method around.
    I got rather tired of picking and choosing what I need, just to get faster boot times.

    That, and any time you need (professional) support for a third-party application, the first thing they ask you is whether you are running a stock kernel.
    I -want- to be able to tell MySQL and RedHat to fight it out amongst themselves if my database does not live up to expectations.
    I have better things to do with my time than to set up and analyse endless system profiles, straces and stack dumps.

    Grow up, get a real job and see what the real world is like.
    You'll find that you no longer have the time to check SANS and packetstorm every day, just to see if your system is secure, spend days just to get that library to compile and then see the entire system go out the window, because it cannot be maintained (because you have been re-assigned to another project).

    --
    "I was in love with a beautiful blonde once, dear. She drove me to drink. It's the one thing I am indebted to her for."