Tracy R Reed wrote:
Tracy R Reed wrote:
It gives real world examples of exploits in the wild right now which
SE Linux is actually preventing from working. Also talks about how they
And here is a complete writeup on how SE Linux prevented a Mambo exploit
from allowing a server to be taken over detailing exactly which policy
rules blocked what moves by the attacker:
http://www.linuxjournal.com/article/9176
Sigh.
So, when is Linux going to finally drop the stupid requirement that you
need to be *root* to bind to a port less than 1024?
Without that requirement, pretty much every root compromise disappears.
-a
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
