CentOS kernel security exploit | RHEL 2.6.32.X | 15 May 2013

سلام

شرکت BetterLinuxTM امروز برای من ایمیلی رو با عنوان CentOS kernel security exploit ارسال کرده که بنده عین ایمیل رو براتون نقل قول میکنم .

نقل قول:

---

Dear BetterLinux Beta Customer,


A vulnerability has been discovered in stock CentOS and RHEL 2.6.32.X kernels (and consequently in the BetterLinux kernel) that requires an immediate security response. While we wait for upstream vendors to address the issue, please use this temporary work-around to secure your systems:
Using the

کد:

---

sysctl

---

utility, alter the the

کد:

---

perf_event_paranoid

---

variable. In part, this variable determines whether you:

1. Disallow cpu events for unprivileged users
2. Disallow kernel profiling for unprivileged users

Choose option 2, which essentially makes the

کد:

---

perf

---

system usable only by root:

کد:

---

sysctl kernel.perf_event_paranoid=2

---

Unfortunately, this variable resets upon reboot. Here are three responses to that inconvenience:

1. Manually change the variable after every boot
2. Add the
   کد:

   ---

   sysctl

   ---

   instruction into a system RC script, OR
3. Simply add the instruction into
   کد:

   ---

   /etc/sysctl.conf

   ---

   .

Redhat is now testing a fix, and CentOS will not be far behind. We apologize for any inconvenience.

The BetterLinux Team

---

ضمن تشکر

لینک مرنبط:

https://www.centos.org/modules/newbb...42827&forum=59