Would SELinux prevent that with the current policy?
Rahul Sundaram
sundaram at fedoraproject.org
Sun Jul 19 09:51:08 UTC 2009
On 07/16/2009 10:50 PM, Christoph Höger wrote:
> Hi,
>
> after looking at:
> http://blog.cr0.org/2009/07/old-school-local-root-vulnerability-in.html
>
> I wondered if SELinux would not be the right answer to those re-exec
> exploits. I guess that pulseaudio should run as something like
> pulseaudio_t which has all caps it needs.
> Re-exec should not change that as pulseaudio does not need any
> transformation of context.
>
> So short question: Does it work that way?
Read this
http://blog.namei.org/2009/07/18/a-brief-note-on-the-2630-kernel-null-pointer-vulnerability/
Rahul
More information about the fedora-selinux-list
mailing list