Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Security Linux

Exploits Emerge For Linux Privilege Escalation Flaw 176

angry tapir writes "Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system. The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to the '/proc//mem' file."
This discussion has been archived. No new comments can be posted.

Exploits Emerge For Linux Privilege Escalation Flaw

Comments Filter:
  • Hrrm (Score:5, Insightful)

    by Anonymous Coward on Wednesday January 25, 2012 @06:51PM (#38823337)

    If someone is in a position to run a local exploit, aren't you pretty much fucked anyways?

  • Re:Hrrm (Score:4, Insightful)

    by JimCanuck ( 2474366 ) on Wednesday January 25, 2012 @06:56PM (#38823373)
    Yes that you are.
  • Re:Hrrm (Score:5, Insightful)

    by MichaelSmith ( 789609 ) on Wednesday January 25, 2012 @06:56PM (#38823375) Homepage Journal

    Web servers are vulnerable because they run server side code, often uploaded with vulnerable content management systems, etc.

  • Re:Hrrm (Score:2, Insightful)

    by Barbara, not Barbie ( 721478 ) <barbara.hudson@C ... minus herbivore> on Wednesday January 25, 2012 @07:16PM (#38823517) Journal

    Of course. The best local exploit is a screwdriver and a spare moment or two.

    Some quick contrarian rules:

    Rule #1: There is no such thing as 100% secure. Even 100% bug-free cannot be considered 100% secure. It may work according to the design, and the design can be 100% correct today, but today is not tomorrow.

    Rule #2: The more complicated layers of security you add, the more security holes you add. For those into car analogies, security always ends up being bolted on, like bondo dent filler, because you can't anticipate every future accident scenario. Anyone who claims otherwise is either a charlatan, a snake-oil salesman, a liar, or just plain deluded. Those who claim "you can't add security later" are liars. Those who use unix as an example don't know history - unix originally had zero security.

    Rule #3: All security is ultimately "security through obscurity." If you believe open is more secure, please post your account info, including cc numbers, banking info, user names and passwords, to help make them "more secure". I'd say just email them to me, but "more eyes" and all that :-)

  • by Zero__Kelvin ( 151819 ) on Wednesday January 25, 2012 @09:32PM (#38824509) Homepage

    All security is ultimately "security through obscurity."

    "I was with you up until Rule #3 which is nonsense."

    Really? Try proving it's "nonsense". .

    You either don't know what the word all means, or you don't know what the term security through obscurity means.

  • by Zero__Kelvin ( 151819 ) on Wednesday January 25, 2012 @09:37PM (#38824553) Homepage
    Again, you don't know what security through obscurity [] means. If the access to the code or other design that implements the security breaks it, then that is security through obscurity. All security relies on a secret known by one party, but unknown to others. This has absolutely nothing to do with security by obscurity.
  • by Zero__Kelvin ( 151819 ) on Wednesday January 25, 2012 @11:16PM (#38825105) Homepage
    Do you have a problem reading and understanding the English language? While I appreciate your attempts to credit the definition as my own, it has been an accepted term in security circles for a long time, and I am not the one who came up with it. Nobody worth their salt ever said that 100% security can be achieved, and you are not saying anything that isn't obvious to even a security neophyte like yourself. What is known is that security through obscurity is not an effective method of achieving security, even in deference to the fact that nobody will ever achieve 100% security.
  • by tepples ( 727027 ) <tepples@gmail.BOHRcom minus physicist> on Wednesday January 25, 2012 @11:19PM (#38825115) Homepage Journal
    Have you vetted your x86 CPU vendor's microcode for correctness? How far down do the proverbial turtles go?
  • by Tim4444 ( 1122173 ) on Thursday January 26, 2012 @05:00AM (#38826481)

    You seem to be in a situation where PEBKAC - it's corrupting the text of your post. Of course what you meant to say is that the Open Source model does not guarantee security but simply allows interested parties to audit for and fix security problems independent of any single company or other rights holding restricting access to the source. Generally we find that the Open Source model has worked well for Linux and has been effective at addressing security concerns. The question is sometimes not whether problems exist, but whether or not they are found and corrected.

    Speaking of security on Windows - if that post of yours isn't a case where PEBKAC, you might want to install some anti virus software - looks like someone might have pwnd your machine.

Who goeth a-borrowing goeth a-sorrowing. -- Thomas Tusser