Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 118535 - circumventing protection of files flagged immutable (CVE-2005-4351)
Summary: circumventing protection of files flagged immutable (CVE-2005-4351)
Status: RESOLVED CANTFIX
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://cve.mitre.org/cgi-bin/cvename....
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-01-10 07:50 UTC by Kerin Millar
Modified: 2009-05-03 15:59 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Kerin Millar 2006-01-10 07:50:34 UTC
Hi. I'm filing this because, according to an advisory from redteam-pentesting.de, it is possible to place "an arbitrary file
at the location of an immutable file, without changing the immutable
file itself." This is stated to be a weakness of the BSD securelevels mechanism and allegedly all kernels up to and including 2.6.15 are affected (presumably when  SECURITY_SECLVL is enabled).

For further details please see:

* http://redteam-pentesting.de/advisories/rt-sa-2005-015.txt
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4351
Comment 1 Tim Yamin (RETIRED) gentoo-dev 2006-03-11 11:29:31 UTC
Greg -- know if this issue has been fixed?
Comment 2 Greg Kroah-Hartman (RETIRED) gentoo-dev 2006-03-11 13:53:15 UTC
Nope, and it doesn't look like the kernel security levels person cares about
it, and as no one uses it, I wouldn't really worry about it.

Hope this helps.
Comment 3 Tim Yamin (RETIRED) gentoo-dev 2006-03-11 13:54:26 UTC
Thanks Greg -- guess we can close this one as UPSTREAM then.
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2009-05-03 15:59:23 UTC
reopen to change resolution type