Re: DEFAULT_MMAP_MIN_ADDR change breaks ssh on arm
Hi Martin
On Wed, Mar 19, 2008 at 11:46 AM, Martin Michlmayr <tbm@cyrius.com> wrote:
> The following change
>
> r10769 | maks | 2008-03-10 17:03:03 +0100 (Mon, 10 Mar 2008) | 8 lines
>
> security: set DEFAULT_MMAP_MIN_ADDR to 65536
>
> Low address space to protect from user allocation, see
> a5ecbcb8c13ea8a822d243bf782d0dc9525b4f84, runtime tunable on
> /proc/sys/vm/mmap_min_addr. let's see if we get any fallout.
> double checked after Kconfig recommendation that fedora uses
> that recommendation too.
>
> breaks ssh on arm. While root can still log in via ssh, normal users
> cannot. ssh almost manages to log in but when it comes to starting a
> shell the connection simply closes. Changing DEFAULT_MMAP_MIN_ADDR
> back to 0 fixes this.
>
> maks, should I simply set DEFAULT_MMAP_MIN_ADDR to 0 on ARM or should
> I report this to the SE Linux folks or someone else? I've no idea how
> SE Linux works, so any help is welcome.
On the GLAN Tank, values larger than 32768 cause ssh to fail, whereas
32768 and lower allow ssh to work. However, it appears that the
exploit CVE-2008-0600 is fixed in kernel versions 2.6.22.18 and above,
2.6.23.16 and above, 2.6.24.2 and above, and all 2.6.25 versions [1],
so why can't we set DEFAULT_MMAP_MIN_ADDR to 0 for all architectures?
Gordon
[1] http://kerneltrap.org/Linux/Patching_CVE-2008-0600_Local_Root_Exploit
--
Gordon Farquharson
GnuPG Key ID: 32D6D676
Reply to: