Re: [Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround

lars brun nielsen Thu, 13 Jul 2006 00:10:11 -0700

hi,

setting 750 on /etc/cron.* would stop this exploit


/lars
>
>     if ( !( child = fork() )) {
>         chdir("/etc/cron.d");
>         prctl(PR_SET_DUMPABLE, 2);
>         sleep(200);
>         exit(1);

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround

Reply via email to