Bug#257504: User can chown/chmod files in /proc
Package: kernel-source-2.6.7
Version: 2.6.7
A user with a local account can change the owner and the permissions of
files in /proc. At least kernel 2.6.7 is affected, but possibly all 2.6.x
kernels.
hydra proc $ cd /proc
hydra proc $ ls -la config.gz
-r--r--r-- 1 root root 6354 3. Jul 23:25 config.gz
hydra proc $ chown joerg config.gz
hydra proc $ ls -la config.gz
-r--r--r-- 1 joerg root 6354 3. Jul 23:25 config.gz
hydra proc $ chown root config.gz
hydra proc $ ls -la config.gz
-r--r--r-- 1 root root 6354 3. Jul 23:26 config.gz
hydra proc $ chmod o+x config.gz
hydra proc $ ls -la config.gz
-r--r--r-x 1 root root 6354 3. Jul 23:46 config.gz
hydra proc $
SuSE mentioned this bug in
http://article.gmane.org/gmane.comp.security.bugtraq/12316, so there should
be a patch around.
Jörg
--
Computer science terminology (No. 369): Cause
- The cause was that Windows had not been restarted.
Michael Scheer