Re: DSA-134-1

To: "Noah L. Meyerhans" <frodo@morgul.net>
Cc: James Nord <teilo@teilo.net>, debian-security@lists.debian.org
Subject: Re: DSA-134-1
From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
Date: Wed, 26 Jun 2002 00:12:16 +0200
Message-id: <[🔎] 87sn3b9fen.fsf@CERT.Uni-Stuttgart.DE>
In-reply-to: <[🔎] 20020625180136.P27525@morgul.net> ("Noah L. Meyerhans"'s message of "Tue, 25 Jun 2002 18:01:36 -0400")
References: <[🔎] 814053EA-87C9-11D6-AC16-00039355CFA6@suespammers.org> <[🔎] 20020624232846.GH28956@wiggy.net> <[🔎] 87r8ivfs1o.fsf@CERT.Uni-Stuttgart.DE> <[🔎] 3D186BC9.545DC569@dreibrodt.de> <[🔎] 20020625193630.GB13179@fishbowl.madduck.net> <[🔎] 20020625141532.A18809@gregh> <[🔎] 3D18E775.3040409@teilo.net> <[🔎] 20020625180136.P27525@morgul.net>

"Noah L. Meyerhans" <frodo@morgul.net> writes:

> A local exploit that can be run by a non-root user in an empty chroot.
> Those are considerably harder to come by than the standard local
> exploit.  Are any known to exist at all?

Have you examined all those signedness bugs in the kernel which have
been fixed based on results from the checker project? :-/

-- 
Florian Weimer 	                  Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- DSA-134-1
  - From: Anthony DeRobertis <asd@suespammers.org>
- Re: DSA-134-1
  - From: Wichert Akkerman <wichert@wiggy.net>
- Re: DSA-134-1
  - From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
- Re: DSA-134-1
  - From: Ralf Dreibrodt <ralf@dreibrodt.de>
- Re: DSA-134-1
  - From: martin f krafft <madduck@debian.org>
- Re: DSA-134-1
  - From: Greg Hunt <greg@supplyedge.com>
- Re: DSA-134-1
  - From: James Nord <teilo@teilo.net>
- Re: DSA-134-1
  - From: "Noah L. Meyerhans" <frodo@morgul.net>

Prev by Date: Re: DSA-134-1
Next by Date: Re: DSA-134-1
Previous by thread: Re: DSA-134-1
Next by thread: Re: DSA-134-1
Index(es):
- Date
- Thread