Good technical write-up on how this could be exploited.

  • SeanP
    6 months ago

    Original author here - just came across this thread and had a quick correction - CONFIG_SECURITY_SELINUX_DEVELOP is only required to disable SELinux for more userspace freedom (which was the goal of the proof of concept). However, once you have execution as kernel, you can really do whatever you want even if SELinux is still on (it’s just easier to operate in user-space IMO).