https://lists.debian.org/debia...ty-announce/2014/msg00130.html
Pinkie Pie discovered an issue in the futex subsystem that allows a
local user to gain ring 0 control via the futex syscall. An
unprivileged user could use this flaw to crash the kernel (resulting
in denial of service) or for privilege escalation.
...
“Specifically, the futex syscall can leave a queued kernel waiter hanging on the stack. By manipulating the stack with further syscalls, the waiter structure can be altered. When later woken up, the altered waiter can result in arbitrary code execution in ring 0,” Cook wrote Thursday on Seclists.org. “This flaw is especially urgent to fix because futex tends to be available within most Linux sandboxes (because it is used as a glibc pthread primitive).”
http://openwall.com/lists/oss-security/2014/06/06/20
Indeed. This is probably the biggest security flaw in Linux in the
past 5 years (if not the biggest ever) since it allows a full kernel
compromise even from extremely tight sandboxes.
So a cata-sistem that has a compiler and execute rights (both Debian and its derivatives) can give complete access to the system (ring 0) to anyone who gets near it and knows what they are doing.
That is why: complete elimination of execute rights except for authorized processes, write rights only where they are needed, and elimination of all unnecessary modules, daemons, etc...
It is not a guarantee, but it is certainly a step in the right direction.
Reference:
http://tinyhack.com/2014/07/07...-bug-and-uncovering-towelroot/
http://www.digicortex.net/node/1 Videos: http://www.digicortex.net/node/17 Gallery: http://www.digicortex.net/node/25
PowerMonkey - Reduce CPU Power Waste and gain performance! - https://github.com/psyq321/PowerMonkey
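
The hardening steps listed in the post above (execute rights only where needed, write access only where needed, no unnecessary modules) can be checked with a short audit script. This is an added example, not part of the original post; the sample mount and module lists are constructed, and the module allowlist is an assumption that has to be built per host.

```shell
#!/bin/sh
# Added example: audit a host against the hardening steps listed in the post.
# Sample data below is constructed, not taken from a real machine.

sample_mounts() {   # same columns as /proc/mounts
cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /usr ext4 ro,nodev 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda3 /home ext4 rw,nosuid,nodev 0 0
/dev/sda4 /var ext4 rw,nosuid,nodev,noexec 0 0
EOF
}

sample_modules() {  # same columns as /proc/modules
cat <<'EOF'
ext4 473802 2 - Live 0x0000000000000000
jbd2 93312 1 ext4, Live 0x0000000000000000
bluetooth 374429 0 - Live 0x0000000000000000
firewire_core 56937 0 - Live 0x0000000000000000
EOF
}

# Print "mountpoint fstype" for every mount that is writable and lacks noexec.
# $1: file in /proc/mounts format ("-" for stdin); defaults to /proc/mounts.
audit_wx_mounts() {
    awk '{
        n = split($4, opt, ","); rw = 0; noexec = 0
        for (i = 1; i <= n; i++) {
            if (opt[i] == "rw") rw = 1
            if (opt[i] == "noexec") noexec = 1
        }
        if (rw && !noexec) print $2, $3
    }' "${1:-/proc/mounts}"
}

# Print every loaded module that is not on the allowlist.
# $1: space-separated allowlist (an assumption; build it per host)
# $2: file in /proc/modules format ("-" for stdin); defaults to /proc/modules.
audit_modules() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($1 in ok) { print $1 }
    ' "${2:-/proc/modules}"
}

sample_mounts | audit_wx_mounts -
sample_modules | audit_modules "ext4 jbd2" -
```

Called without a file argument, both functions read the live `/proc/mounts` and `/proc/modules` of the host they run on.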