
Re: [suse-security] fix for new elf loader bug?



Mike Tierney wrote:

> An immediate hotfix that requires no patching or updates is to disable core
> dumps.
>
> As mentioned in http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt
> (This is from the guy who discovered this problem - see
> http://secunia.com/advisories/15341 )
>
> "A hotfix for this vulnerability is to disallow
> processes to drop core. This can be accomplished by setting the hard
> core size limit for users to 0 (e.g. ulimit -H -c 0, man limits.conf)."

But you can't do that in a running system. It won't affect running shells
of normal users. So you need to reboot, and then you would need to
reboot again to allow cores again. So it's easier to reboot only once
with a patched kernel...


--
Dipl.-Inform. Frank Steiner   Web:  http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik    Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr. 17           Phone: +49 89 2180-4049
80333 Muenchen, Germany       Fax:   +49 89 2180-99-4049
* You can only understand recursion once you have understood recursion. *
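
Added example (not part of the original message): a check for which already-running processes still carry a non-zero hard core-size limit after the limits.conf change discussed above. It assumes a kernel that exposes /proc/<pid>/limits; the function names and the PROC_ROOT variable are illustrative.

```sh
#!/bin/sh
# Added example: list processes whose hard core-size limit is still non-zero,
# i.e. processes started before the limits.conf hotfix took effect.
# Assumption: the kernel provides /proc/<pid>/limits.
# PROC_ROOT is a hypothetical override so the parser can be pointed at a
# constructed directory tree instead of the live /proc.

# hard_core_limit FILE
# Prints the hard "Max core file size" value from a limits file.
# Line layout: Max core file size <soft> <hard> <units>
hard_core_limit() {
    awk '/^Max core file size/ { print $6 }' "$1" 2>/dev/null
}

# core_capable_pids [PROC_ROOT]
# Prints "<pid> <hard limit>" for every process that may still dump core.
core_capable_pids() {
    root=${1:-/proc}
    for dir in "$root"/[0-9]*; do
        # Skip entries we cannot read (other users' processes, exited PIDs).
        [ -r "$dir/limits" ] || continue
        hard=$(hard_core_limit "$dir/limits") || continue
        [ -n "$hard" ] || continue
        # A hard limit of 0 means the hotfix already applies to this process.
        if [ "$hard" != "0" ]; then
            printf '%s %s\n' "${dir##*/}" "$hard"
        fi
    done
}

# Report on the live system (or on PROC_ROOT if set).
core_capable_pids "${PROC_ROOT:-/proc}"
```

An empty report means every readable process already has the hard limit at 0; run it as root to cover processes owned by other users.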
