-
January 12th, 2002, 01:27 AM
#1
Linux Intrusion Detection System vulerability
The use of LD_PRELOAD can make a program with privileges given by LIDS execute attackers code. This mean that a root intruder can get every capability or fs access you configured LIDS to grant.Moreover, if you granted CAP_SYS_RAWIO or CAP_SYS_MODULE to a program, an attacker could deactivate LIDS and thus, access any file.
Read more at www.xatrix.org if you want to be informed...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|