{"id":473,"date":"2016-10-27T07:21:53","date_gmt":"2016-10-27T06:21:53","guid":{"rendered":"http:\/\/prodhostingsrbija.net\/blog\/?p=473"},"modified":"2016-10-27T07:21:53","modified_gmt":"2016-10-27T06:21:53","slug":"dirty-cow","status":"publish","type":"post","link":"https:\/\/prodhostingsrbija.net\/blog\/dirty-cow\/","title":{"rendered":"Dirty COW"},"content":{"rendered":"<p>Poslednjih dana mnogo se pise\u00a0o ovom\u00a0bezbednosnom propustu na Linux platformi, te cu iskoristiti priliku da i ovde napisem par reci o tome. Ko se dugo bavi Linux-om zna da je jos 2001 godine tim koji radi sa Linus Torvaldsom (ko ne zna kreatorom Linux-a) prijavio ovaj propust, medjutim odustalo se od radjenja patch-a zbog drugih problema koji su\u00a0nastali.<\/p>\n<p>&#8220;This is an ancient bug that was actually attempted to be fixed once (badly) by me 11 years ago in commit 4ceb5db9757a (&#8220;Fix get_user_pages() race for write access&#8221;) but that was then undone due to problems on s390 by commit f33ea7f404e5 (&#8220;fix get_user_pages bug&#8221;)&#8221;, Torvalds wrote.<\/p>\n<p>Ovaj\u00a0exploit radi tako sto pise u \/proc\/self\/mem fajl. Iskusni\u00a0administratori sistema su i pre ove objave i dizanja prasine jednostavno stavljali chattr +i (lockovali) fajl, ili stavljali fajl u read-only mode sto je bio de-facto fix. S&#8217;obzirom da se na nasim sistemima iskljucivo koriste RHEL verzije cekali smo update od Red Hat tim-a kako bi se izvrsio update kernel-a, a po preporuci Red Hat programera\u00a0https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=1384344#c13 ovde.<\/p>\n<p>Nazalost, server mora biti restartovan, tako da update cemo raditi preko noci vikenda koji nam predstoji kako bi se i ovaj stari propust zakrpio.<\/p>\n<p>Zahvaljujem na razumevanju,<\/p>\n<p>Nemanja &#8211; ProdHostingNET System Administrator<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Poslednjih dana mnogo se pise\u00a0o ovom\u00a0bezbednosnom propustu na Linux platformi, te cu iskoristiti priliku da i ovde napisem par reci o tome. Ko se dugo bavi Linux-om zna da je jos 2001 godine tim koji radi sa Linus Torvaldsom (ko ne zna kreatorom Linux-a) prijavio ovaj propust, medjutim odustalo se od radjenja patch-a zbog drugih [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[334,335,333,336,337],"_links":{"self":[{"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/posts\/473"}],"collection":[{"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/comments?post=473"}],"version-history":[{"count":1,"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/posts\/473\/revisions"}],"predecessor-version":[{"id":474,"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/posts\/473\/revisions\/474"}],"wp:attachment":[{"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/media?parent=473"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/categories?post=473"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/prodhostingsrbija.net\/blog\/wp-json\/wp\/v2\/tags?post=473"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}