Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 11 Oct 2006 08:39:29 -0400
From:      Bill Moran <wmoran@collaborativefusion.com>
To:        Colin Percival <cperciva@freebsd.org>
Cc:        freebsd security <freebsd-security@freebsd.org>, questions@freebsd.org
Subject:   Re: iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability
Message-ID:  <20061011083929.fbb9d226.wmoran@collaborativefusion.com>
In-Reply-To: <452C7765.5080403@freebsd.org>
References:  <20061010185141.ce3e7134.wmoran@collaborativefusion.com> <452C25A2.6080809@freebsd.org> <20061010201630.aabaf1a4.wmoran@collaborativefusion.com> <452C7765.5080403@freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
In response to Colin Percival <cperciva@freebsd.org>:

> Bill Moran wrote:
> > Colin Percival <cperciva@freebsd.org> wrote:
> >> This is a local denial of service bug, which was fixed 6 weeks ago in HEAD
>              ^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > That was what I expected.  Section III seems to hint that it could be
> > used by an unprivileged user to crash or lock a system.
> 
> Yes.  An unprivileged user who is able to execute code on an affected system
> can cause a kernel panic.  There are a variety of reasons for not treating
> bugs like this as security issues; the strongest reason imho is that if one
> of your users is making a system crash, you can disable his account and call
> the police.

Thanks for the clarification.

>From my standpoint, this qualifies as a "privilege escalation" and warrants
action.  I see that it's already fixed in RELENG_6_1.  Am I correct that
there is no intention to MFC this back to RELENG_6_0?

And, yes, I can't spell "unprivileged" to save my life, and the spell
checker was turned off on my other computer ...

-- 
Bill Moran
Collaborative Fusion Inc.

****************************************************************
IMPORTANT: This message contains confidential information and is
intended only for the individual named. If the reader of this
message is not an intended recipient (or the individual
responsible for the delivery of this message to an intended
recipient), please be advised that any re-use, dissemination,
distribution or copying of this message is prohibited. Please
notify the sender immediately by e-mail if you have received
this e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or
error-free as information could be intercepted, corrupted, lost,
destroyed, arrive late or incomplete, or contain viruses. The
sender therefore does not accept liability for any errors or
omissions in the contents of this message, which arise as a
result of e-mail transmission.
****************************************************************



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061011083929.fbb9d226.wmoran>