Hello,
On Mon, Jan 23, 2012 at 03:06:46PM +0200, [email protected] wrote:
>
> See CVE-2012-0056, a non-PIE 'su' binary makes it very easy to exploit.
Would you mind giving a bit more information?
I unfortunately stick to this PIE definition from wikipedia:
baked dish which is usually made of a pastry dough casing that
covers or completely contains a filling of various sweet or
savoury ingredients.
which does not help understanding how to PIE 'su'.
Also, I have no access to CVE-2012-0056, which is under review as of
today.
References I could find indicate an issue in the Linux kernel handling of
/proc/<pid>/mem
As of using hardening compiler / linker options, I have no idea if this is
a common practice / recommended / used in other packages.
Would it make sense to enable such flags if not done in the PAM modules or
by other suid programs?
--
Nekral
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
