Tag Archives: security - Page 2

Stop disabling SELinux – slides from my talk @ Krakow Infosec meetup


Every time you run setenforce 0, you make Dan Walsh weep. Dan is a nice guy and he certainly doesn’t deserve that. So see how not to disable SELinux and why it is so great :)

Invitation to the OWASP Kraków meeting

I’ll give a 40-minute talk at this OWASP meeting, so if you’re interested in system-level security, resource management, network isolation and restricting shell access, come, listen and have a talk with us :)

There’ll also be a discussion about the current situation regarding the NSA, PRISM & Snowden, and Wojciech Dworakowski’s presentation about the new edition of the OWASP Top 10.

Register now ;)

 

CVE-2013-2094 – local root exploit for kernels 2.6.37 – 3.8.8 (and 2.6.32 on RHEL/CentOS)

Here is more info: http://www.reddit.com/r/netsec/comments/1eb9iw/sdfucksheeporgs_semtexc_local_linux_root_exploit/c9ykrck

This is tagged as CVE-2013-2094: https://bugzilla.redhat.com/show_bug.cgi?id=962792

Exploit: http://fucksheep.org/~sd/warez/semtex.c

Just run it like below to check if you’re affected:

So remember that:

is just a workaround for this particular exploit and is not a solution. A patch is available here: https://patchwork.kernel.org/patch/2441281/ ; you can also apply this one: https://bugzilla.redhat.com/show_bug.cgi?id=962792#c13

Update: a kernel update fixing this issue is ready on the RHEL network: http://rhn.redhat.com/errata/RHSA-2013-0830.html