grsecurity forums

[giany]

Ok now it really hurts!

$ ./sh public_html/Linux.tar

preparing
trying to exploit public_html/Linux.tar

sh-3.1# id
uid=0(root) gid=100(users) groups=100(users),103(su)
sh-3.1# uname -a
Linux * 2.6.17.4-grsec #3 Thu Jul 13 14:43:14 EEST 2006 i686 athlon-4 i386 GNU/Linux
sh-3.1#

http://www.securityfocus.com/bid/18992/info
Any fix for this? Does grsec work on 2.6.17.5?

[ralphy]

fixed in latest .5 i'm pretty sure. hotfix entails

mount -o remount,nosuid /proc