[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE-2016-7545 -- SELinux sandbox escape
From: christos () zoulas ! com (Christos Zoulas)
Date: 2016-09-29 12:27:47
Message-ID: 20160929122747.1155317FDAB () rebar ! astron ! com
[Download RAW message or body]
On Sep 29, 12:32pm, jwilk@jwilk.net (Jakub Wilk) wrote:
-- Subject: Re: [oss-security] CVE-2016-7545 -- SELinux sandbox escape
| * Christos Zoulas <christos@zoulas.com>, 2016-09-26, 13:53:
| >On the BSDs TIOCSTI has been limited to the superuser since the 4.4BSD Lite 2
| >release in 1995 (IIRC).
|
| Hmm. I've just tried OpenBSD 5.7 and FreeBSD 10.3, and TIOCSTI works fine for
| non-root users.
I am wrong, sorry. It still works on BSD for the owner of the tty controlling
process group. I guess it is time to fix it everywhere.
christos
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic