Hi. I'm filing this because, according to an advisory from redteam-pentesting.de, it is possible to place "an arbitrary file at the location of an immutable file, without changing the immutable file itself." This is stated to be a weakness of the BSD securelevels mechanism and allegedly all kernels up to and including 2.6.15 are affected (presumably when SECURITY_SECLVL is enabled). For further details please see: * http://redteam-pentesting.de/advisories/rt-sa-2005-015.txt * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4351
Greg -- know if this issue has been fixed?
Nope, and it doesn't look like the kernel security levels person cares about it, and as no one uses it, I wouldn't really worry about it. Hope this helps.
Thanks Greg -- guess we can close this one as UPSTREAM then.
reopen to change resolution type