Bug#747492: sysdig: possible security issue: system("insmod ../../driver/sysdig-probe.ko > /dev/null 2> /dev/null");
control: tags -1 + upstream control: forwarded -1 https://github.com/draios/sysdig/issues/155 Hi, On Fri, May 09, 2014 at 12:35:25PM +0300, Timo Juhani Lindfors wrote: > Could this be a security issue if root runs sysdig in /tmp/project1/foo > and a local user creates /tmp/driver/sysdig-probe.ko? I think you are right and I will patch this out on the next upload. Also, let's see what upstream thinks about it. Thanks Evgeni -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#747492: sysdig: possible security issue: system("insmod ../../driver/sysdig-probe.ko > /dev/null 2> /dev/null");
Package: sysdig Version: 0.1.79-1 Severity: normal Hi, I took a brief look at sysdig today and noticed the following fragment in sysdig.cpp: // // No luck with modprobe either. // Maybe this is a version of sysdig that was compiled from the // sources, so let's make one last attempt with insmod and the // path to the driver directory. // if(!open_success) { system("insmod ../../driver/sysdig-probe.ko > /dev/null 2> /dev/null"); inspector->open(""); } Could this be a security issue if root runs sysdig in /tmp/project1/foo and a local user creates /tmp/driver/sysdig-probe.ko? -Timo -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org