[Fwd: setroubleshoot root exploit (CVE-Request)](http://seclists.org/oss-sec/2015/q1/1011)

> So. Yes, thats correct: The SELinux system that is only there to protect you,
> passes attacker controlled data to sh -c (https://docs.python.org/2/library/commands.html)
> inside a daemon running as root. Sacken lassen...

Ups....

Mar 27 2015 © https://www.bananas-playground.net 2000 - 2024