Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
On Tue, Apr 01, 2003 at 02:06:12PM +0200, Marc Demlenne wrote:
> > but isn't there a trick to surpass the bug while waiting for debian
> > updates ?
>
> What's the real effect of modifying /proc/sys/kernel/modprobe by, e.g.
> echo unexisting_binary > /proc/sys/kernel/modprobe
>
> Can we trust this solution ?
NO, it does not prevent the exploit.
It does prevent the km3.c example exploit but not e.g.
http://isec.pl/cliph/isec-ptrace-kmod-exploit.c
You have to patch the kernel or load and compile the following module:
http://www.securiteam.com/tools/5SP082K5GK.html (no-ptrace-module.c)
bye,
-christian-
Reply to: