> On Thu, Mar 20, 2003 at 09:23:28PM +0200, Yaroslav Popovitch wrote:
> > Hi! I applied Alan Cox's patches for ptrace bug. But system is still
> > exploitable.
> >
> > I used my own kernel-2.4.19 with patch for 2.4.19 kernel. It does not
> > helped. Then I took vanilla 2.4.20 kernel from www.kernel.org and applied
> > patch for 2.4.20 kernel. System is still exploitable.
>
> Can you verify that you are clearing the setuid bit that gets set, when
> the exploit is run? IIRC, you must manually do that to verify that your
> system is indeed no longer exploitable.
>
> Jeff
>
Thanks, it helped ;). I did not delete and recompiled exploit from
previous attempts, so it had SUID flag set. Thx.
Sry for panic ...
Cheers,YP
>
>
>
-
Mr. Yaroslav Popovitch yp@sot.com - tel. +372 6419975
SOT Finnish Software Engineering Ltd. - fax +372 6419975
Kreutzwaldi 7-4, 10124 TALLINN - http://www.sot.com
ESTONIA - http://sotlinux.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/