Hi Diego, So I recently published this: http://blog.zx2c4.com/749 , a local priv escalation. It doesn't work on Fedora because their /bin/su is compiled with -pie. (They don't compile gpasswd with -pie though, so they're still vulnerable.) In any case, what if we made it a policy in Gentoo to compile * all* SUID binaries with PIE, to prevent against any types of future attacks of this variety?
Jason
