Here are links to some instances when SE Linux prevented exploits from working or mitigated their damage:
- Dan describes how SE Linux prevents Flash exploits from working.
- SE Linux mitigates a stack overflow in OpenPegasus which could otherwise be used for a remote root exploit.
- Mambo Exploit Blocked by SE Linux from Linux Journal July 2007
- SELinux blocks Apache DoS vulnerability from James Morris’ blog June 2007
- SELinux Constrains Samba Vulnerability from Dan Walsh’s blog May 2007
- SE Linux prevents setting bad modes on /proc files and prevents exploiting a kernel bug
- HPLIP root vulnerability stoped by SE Linux
Leave a Reply
You must be logged in to post a comment.