Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
Hello Jason,
Il giorno lun, 23/01/2012 alle 20.08 +0100, Jason A. Donenfeld ha
scritto:
> So I recently published this: http://blog.zx2c4.com/749 , a local priv
> escalation.
I've seen the news :)
> It doesn't work on Fedora because their /bin/su is compiled with
> -pie. (They don't compile gpasswd with -pie though, so they're still
> vulnerable.)
Is it because of PIE alone or ASLR? Just curious it doesn't make much
difference to me.
> In any case, what if we made it a policy in Gentoo to compile all SUID
> binaries with PIE, to prevent against any types of future attacks of
> this variety?
Here's the trick: it's hard to decide what to compile PIE and what not
because we generally don't split the build for the two. I guess a good
point here could be made to build _everything_ PIE, but it can be tricky
(at least hotot seem not to work on a PIE system).
It would be also a good idea to resume working on the file-based
capabilities, dropping suid altogether.
The main issue here: it's not just my call to make; toolchain and
council should probably chime in on this.
--
Diego Elio Pettenò <flameeyes@g.o>
Gentoo Linux
|
| Attachment: |
|
signature.asc (This is a digitally signed message part)
|
|
