Hide Forgot
It was found that systemtap runtime tool (staprun) did not properly enforce the module's path sanity check, when the ad-hoc module instrumentation via user-space probing with user-specified module path was requested. A local user, member of the 'stapusr' group could use this flaw to escalate their privileges.
This issue did NOT affect the versions of the systemtap package, as shipped with Red Hat Enterprise Linux 4 and 5 as they do not provide support for loading of user-space probing modules from user-specified locations yet. -- This issue affects the version of the systemtap package, as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the systemtap package, as shipped with Fedora release of 14 and 15.
Created attachment 509874 [details] Don't allow path-based auth for uprobes
Created systemtap tracking bugs for this issue Affects: fedora-all [bug 725578]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:1088 https://rhn.redhat.com/errata/RHSA-2011-1088.html