List Archive: gentoo-hardened
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On 24 Jan 2012 at 2:35, Francesco R.(vivo) wrote:
> BTW this in "vanilla" gentoo does not work because of the permission of the su
> ls -l /usr/bin/su
> -rws--x--x 1 root root 36776 18 gen 21.31 /usr/bin/su
> readelf cannot read the address, but there can be other ways to access the
> binary for example for group "disk"
> hardened gentoo is un-affected as expected (but you already know)
this is not quite true, what could work against grsec is an exploit that
implemented a ret2libc style exploit coupled with bruteforcing (if the
target suid is a PIE). i hope you're all enabling the bruteforce protection
feature in grsec ;).