
On Monday, 8 August 2016 11:50:50 PM AEST Peter Ross via luv-main wrote:
After years of using FreeBSD and securing them, I was astonished when I saw someone disabling SELinux the first time. How could that be?
I am used to securelevels in FreeBSD, see security(7),
https://www.checkpoint.com/downloads/resources/quadRooter-vulnerability-research-report.pdf
The kernel runs with five different security levels. Any super-user process can raise the level, but no process can lower it.
The PDF file you cite describes how a lack of kernel address space randomisation permits exploiting the kernel. If the BSD kernel is compiled without such kernel protections then similar attacks could be performed against it. The PDF describes changing UID to 0; any code that can do that can change secure levels.

--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/