[linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation

27 Dec 2004

Hi,

careful with the linux security module: As reported on Bugtraq,
there's a vulnerability when loading LSM as a module instead of
compiling it into the kernel:

"When POSIX Capability LSM module isn't compiled into kernel, after
inserting Capability module into kernel, all existed normal users
processes will have total Capability privileges of superuser (root)."

Read on here:
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.h…

Ciao
-- 
 Frank Barknecht                               _ ______footils.org__

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

[linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation