Subject: Re: Sendmail 8.10.2, Linux 2.4.0 - capabilities
From: Kyle Sparger (kspargerDIALTONEINTERNET.NET)
Date: Thu Jun 08 2000 - 13:41:54 CDT


> My first shot at Linux kernel hacking - were there any other tweaks to
> close this hole? ;)

I don't know what all the consequences of this are, but the module below
will disable the capset system call (which I think is necessary for the
exploit). This is also my first shot at kernel hacking -- if I did
something stupid, please educate rather than flame :)

Note that I don't know what all uses the capabilities code, but I've been
running this module on my system here for a few hours without consequence.

Thanks,

Kyle Sparger - Senior System Administrator
Dialtone Internet - Extremely Fast Web Systems
(954) 581-0097 - Voice (954) 581-7629 - Fax
kspargerdialtoneinternet.net
http://www.dialtoneinternet.net

---------------------------------------
bogus_capset.c, compile:

gcc -DMODULE -c bogus_capset.c

---------------------------------------

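#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/linkage.h>
#include <linux/errno.h>

#include <sys/syscall.h>        /* __NR_capset */

extern void *sys_call_table[];

/* Original capset handler, saved so it can be restored on unload. */
static void *orig_capset;

/* Replacement handler: refuse every capset() call. */
asmlinkage int bogus_capset(void)
{
        return -EPERM;
}

int init_module(void)
{
        /* Save the real entry, then point the capset slot at the stub. */
        orig_capset = sys_call_table[__NR_capset];
        sys_call_table[__NR_capset] = bogus_capset;

        return 0;
}

void cleanup_module(void)
{
        /* Put the original handler back; otherwise the table would keep
           pointing at this module's code after it has been unloaded. */
        sys_call_table[__NR_capset] = orig_capset;
}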
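
A user-space check for the effect the post describes, added here as an example and not part of Kyle Sparger's post: it reads the calling process's capability sets with capget and writes them back unchanged with capset, a call a stock kernel accepts, so EPERM indicates that capset is being refused wholesale. The names capset_probe.c, classify_capset and probe_capset are chosen for this example.

```c
/* capset_probe.c - added example: does the kernel refuse capset()? */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/capability.h>

enum capset_state { CAPSET_WORKS, CAPSET_BLOCKED, CAPSET_ABSENT, CAPSET_UNKNOWN };

/* Map a capset() return value and errno onto a verdict. Writing back the
 * caller's own, unchanged sets succeeds on a stock kernel, so EPERM for
 * that call means capset is being refused for everyone. */
enum capset_state classify_capset(int rc, int err)
{
    if (rc == 0)       return CAPSET_WORKS;
    if (err == EPERM)  return CAPSET_BLOCKED;
    if (err == ENOSYS) return CAPSET_ABSENT;
    return CAPSET_UNKNOWN;
}

/* Read this process's capability sets and write them back unchanged. */
enum capset_state probe_capset(void)
{
    struct __user_cap_header_struct hdr;
    struct __user_cap_data_struct data[2];   /* large enough for v1..v3 */

    memset(&hdr, 0, sizeof hdr);             /* pid 0 = calling process */
    memset(data, 0, sizeof data);

    /* Version 0 is invalid: the kernel stores its preferred version in hdr. */
    syscall(SYS_capget, &hdr, NULL);
    if (hdr.version == 0)
        return CAPSET_UNKNOWN;
    if (syscall(SYS_capget, &hdr, data) != 0)
        return CAPSET_UNKNOWN;

    errno = 0;
    int rc = (int)syscall(SYS_capset, &hdr, data);
    return classify_capset(rc, errno);
}

int main(void)
{
    static const char *names[] = { "works", "blocked (EPERM)", "absent (ENOSYS)", "unknown" };
    printf("capset: %s\n", names[probe_capset()]);
    return 0;
}
```

Run it before and after loading the module; the verdict should change from "works" to "blocked (EPERM)".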