[CentOS] Serious attack vector on pkcheck ignored by Red Hat
Gordon Messmer
gordon.messmer at gmail.comWed Feb 15 18:23:59 UTC 2017
- Previous message: [CentOS] Serious attack vector on pkcheck ignored by Red Hat
- Next message: [CentOS] Serious attack vector on pkcheck ignored by Red Hat
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 02/15/2017 08:47 AM, Valeri Galtsev wrote: > And yes, ALL user writable places (including often overlooked /dev/shm) > are mounted with nosuid, nosgid, nodev, noexec options on servers where > users are allowed to have shell. How sure are you? On the system I'm looking at right now, any user can write to: /dev/mqueue /dev/shm /run/user/<uid> /run/screen/S-<user> /var/spool/samba /home/<user> /tmp /var/tmp Notably, the "screen" and "samba" locations only appear when the respective packages are installed, so the places users can write may vary from system to system.
- Previous message: [CentOS] Serious attack vector on pkcheck ignored by Red Hat
- Next message: [CentOS] Serious attack vector on pkcheck ignored by Red Hat
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list