ryuko

@ryuko@lemmy.ml

not a weeb
trans rights 🏳️‍⚧️🏳️‍🌈
they/them

This profile is from a federated server and may be incomplete. Browse more on the original instance.

Bypassing SELinux with init_module (seanpesce.blogspot.com)

Good technical write up on how this could be exploited

ryuko, 1 year ago

That’s a really interesting bypass; I wonder how this can be patched or mitigated considering the module is entirely loaded from memory. Short of setting noexec on temporary directories, I can’t think of any quick short term fixes.

Edit: Re-read the blog post and looked at the Github repo for the code- looks like this is more of a proof of concept of a SELinux confine bypass, as the kernel needs to be compiled with CONFIG_SECURITY_SELINUX_DEVELOP set. See the readme here, there’s some more notes that weren’t included in the blog post.

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...