Re: [oss-security] CVE-NONE kernel: PHONET signedness issue

This is a slippery slope. I'm in favor of not having a CVE assigned
for this issue.

Otherwise, wouldn't we need a CVE for every vector that allows
transitioning from various capabilities to root? The capability
system may be poorly designed to allow such transitions, but I don't
think they represent unexpected behavior.

-Dan

On Thu, Jan 6, 2011 at 12:54 PM, Michael Gilbert
<michael.s.gilbert@gmail.com> wrote:
> On Thu, 06 Jan 2011 13:20:49 +0800, Eugene Teo wrote:
>> re: http://seclists.org/fulldisclosure/2011/Jan/39
>>
>> Just in case someone tries to request a CVE name for this, I'm not
>> requesting for one because if you need CAP_SYS_ADMIN capability to
>> exploit this, you are already privileged.
>
> Right, but CAP_SYS_ADMIN != root, or at least it isn't meant to be. I
> mean if CAP_SYS_ADMIN == root, then one or the other doesn't need to
> exist. There is an exposure here, and for that it deserves a CVE
> identifier (of course in my opinion).  See Brad Spengler's recent
> write-up [0]. There should be some effort toward making those 21 root
> equivalent capabilities discussed there non-equivalent.
>
> Best wishes,
> Mike
>
> [0] http://forums.grsecurity.net/viewtopic.php?f=7&t=2522
>

• This message: [ Message body ]
• Next message: Michael Gilbert: "Re: [oss-security] CVE-NONE kernel: PHONET signedness issue"
• Previous message: Michael Gilbert: "Re: [oss-security] CVE-NONE kernel: PHONET signedness issue"
• In reply to: Michael Gilbert: "Re: [oss-security] CVE-NONE kernel: PHONET signedness issue"
• Next in thread: Michael Gilbert: "Re: [oss-security] CVE-NONE kernel: PHONET signedness issue"
• Reply: Michael Gilbert: "Re: [oss-security] CVE-NONE kernel: PHONET signedness issue"
• Reply: Nelson Elhage: "Re: [oss-security] CVE-NONE kernel: PHONET signedness issue"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]