Package: sysdig
Version: 0.1.79-1
Severity: normal
Hi,
I took a brief look at sysdig today and noticed the following fragment
in sysdig.cpp:
//
// No luck with modprobe either.
// Maybe this is a version of sysdig that was compiled from the
// sources, so let's make one last attempt with insmod and the
// path to the driver directory.
//
if(!open_success)
{
system("insmod ../../driver/sysdig-probe.ko > /dev/null 2> /dev/null");
inspector->open("");
}
Could this be a security issue if root runs sysdig in /tmp/project1/foo
and a local user creates /tmp/driver/sysdig-probe.ko?
-Timo
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
