[CentOS] Heads up on local root escalation
James Hogarth
james.hogarth at gmail.com
Tue May 13 06:41:38 UTC 2014
On 12 May 2014 22:15, "Keith Keller" <kkeller at wombat.san-francisco.ca.us>
wrote:
> Actually, I was wondering about mitigation along the lines of
> blacklisting a module, tuning a sysctl parameter, or some other
> mitigation that wouldn't require a new kernel. Perhaps such mitigation
> isn't even possible with this issue.
>
Yeah I've not seen any mitigations that would work for CentOS.
I wonder if a systemtap module would be feasible like that one a few months
or so ago.
For the time being I guess that doubly vigilant is important.
More information about the CentOS
mailing list