[CentOS] local root exploit
Matthew Miller
mattdm at mattdm.org
Mon Feb 11 22:14:06 UTC 2008
On Mon, Feb 11, 2008 at 04:26:57PM -0500, Ross S. W. Walker wrote:
> Problem with Debian patch is it may conflict with some of the RH
> backports, but if it works why not submit it to CentOS team for
> testing as I hear the RH current workaround has issues with GPFs.
I think that's with the powertech.no "ptpatch2008" kernel module which tries
to patch the problem in your existing kernel -- not with the actual fix.
> I personnally run my systems behind the firewall, but I suppose
> anybody who has CentOS/RHEL 5 that is Internet facing would
> worry a little bit more.
Do you ever use network-accessing applications which might have bugs?
> I wonder if any existing user-land utilities have hooks into
> vmsplice that may be able to be accessed via PHP, Perl, or CGI?
It's a system call.
--
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the CentOS
mailing list