Slashdot Mirror

← Back to Stories (view on slashdot.org)

Exploits Emerge For Linux Privilege Escalation Flaw

Posted by samzenpus on from the protect-ya-neck dept.

angry tapir writes "Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system. The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to the '/proc//mem' file."

9 of 176 comments (clear)

  1. Hrrm by Anonymous Coward · · Score: 5, Insightful

    If someone is in a position to run a local exploit, aren't you pretty much fucked anyways?

    1. Re:Hrrm by JimCanuck · · Score: 3, Insightful

      Yes that you are.

    2. Re:Hrrm by MichaelSmith · · Score: 4, Insightful

      Web servers are vulnerable because they run server side code, often uploaded with vulnerable content management systems, etc.

      --
      http://michaelsmith.id.au
    3. Re:Hrrm by Barbara,+not+Barbie · · Score: 2, Insightful

      Of course. The best local exploit is a screwdriver and a spare moment or two.

      Some quick contrarian rules:

      Rule #1: There is no such thing as 100% secure. Even 100% bug-free cannot be considered 100% secure. It may work according to the design, and the design can be 100% correct today, but today is not tomorrow.

      Rule #2: The more complicated layers of security you add, the more security holes you add. For those into car analogies, security always ends up being bolted on, like bondo dent filler, because you can't anticipate every future accident scenario. Anyone who claims otherwise is either a charlatan, a snake-oil salesman, a liar, or just plain deluded. Those who claim "you can't add security later" are liars. Those who use unix as an example don't know history - unix originally had zero security.

      Rule #3: All security is ultimately "security through obscurity." If you believe open is more secure, please post your account info, including cc numbers, banking info, user names and passwords, to help make them "more secure". I'd say just email them to me, but "more eyes" and all that :-)

      --
      Let's call it what it is, Anti-Social Media.
  2. Beware of ALL blanket statements ;-) by Zero__Kelvin · · Score: 4, Insightful

    All security is ultimately "security through obscurity."

    "I was with you up until Rule #3 which is nonsense."

    Really? Try proving it's "nonsense". .

    You either don't know what the word all means, or you don't know what the term security through obscurity means.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  3. Proof you are 100% wrong per your request by Zero__Kelvin · · Score: 5, Insightful

    Again, you don't know what security through obscurity means. If the access to the code or other design that implements the security breaks it, then that is security through obscurity. All security relies on a secret known by one party, but unknown to others. This has absolutely nothing to do with security by obscurity.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    1. Re:Proof you are 100% wrong per your request by Zero__Kelvin · · Score: 4, Insightful

      Do you have a problem reading and understanding the English language? While I appreciate your attempts to credit the definition as my own, it has been an accepted term in security circles for a long time, and I am not the one who came up with it. Nobody worth their salt ever said that 100% security can be achieved, and you are not saying anything that isn't obvious to even a security neophyte like yourself. What is known is that security through obscurity is not an effective method of achieving security, even in deference to the fact that nobody will ever achieve 100% security.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  4. Turtles all the way down by tepples · · Score: 3, Insightful

    Have you vetted your x86 CPU vendor's microcode for correctness? How far down do the proverbial turtles go?

  5. Re:Better than Windoze by Tim4444 · · Score: 4, Insightful

    You seem to be in a situation where PEBKAC - it's corrupting the text of your post. Of course what you meant to say is that the Open Source model does not guarantee security but simply allows interested parties to audit for and fix security problems independent of any single company or other rights holding restricting access to the source. Generally we find that the Open Source model has worked well for Linux and has been effective at addressing security concerns. The question is sometimes not whether problems exist, but whether or not they are found and corrected.

    Speaking of security on Windows - if that post of yours isn't a case where PEBKAC, you might want to install some anti virus software - looks like someone might have pwnd your machine.