[rsbac] Bugfix 1.2.3-3 / JAIL
From: Amon Ott (at_at_)
Date: 06/30/04
- Previous message: Bencsath Boldizsar: "rsbac 1.2.3 jail security problems"
Date: Wed, 30 Jun 2004 14:03:29 +0200
To: RSBAC Discussion and Announcements <rsbac@rsbac.org>
Hi everyone,
here comes another bugfix. Thanks to Brad for providing details.
Because of this and other security-relevant bugfixes contained in the
v1.2.3 release, all people using the JAIL module are requested to update ASAP
to RSBAC v1.2.3 with this bugfix applied. Pre-patched kernel updates will
soon follow.
One important note: When upgrading from previous versions to v1.2.3, you
must change your calls to rsbac_jail, because the syntax has changed. I
also recommend restricting the Linux capabilities available to your jailed
services with the new JAIL cap restriction feature.
3. JAIL: suid/sgid files can be created inside jail
* Urgency: Medium.
* What you see: Programs can create suid and sgid files with sys_creat,
sys_open and sys_mknod inside jails.
* What is wrong: In the JAIL module CREATE check, the corresponding
mode values are not checked.
* Implications: Possible indirect privilege escalation inside the jail.
* Credits: Thanks to Brad Spengler for reporting this bug.
* RSBAC versions affected: 1.2.2-1.2.3.
* What you should do: Apply this patch (MD5 / GnuPG Cert) to get the
bug corrected, recompile the kernel, reinstall and reboot.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
_______________________________________________
rsbac mailing list
rsbac<at.rsbac.org
http://www.rsbac.org/mailman/listinfo/rsbac