What is the correct action to be taken by Rebecca in this situation as a recommendation to management?

Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local
users to use available exploits to gain root privileges. This vulnerability exploits a condition in the
Linux kernel within the execve() system call. There is no known workaround that exists for this
vulnerability. What is the correct action to be taken by Rebecca in this situation as a
recommendation to management?

Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local
users to use available exploits to gain root privileges. This vulnerability exploits a condition in the
Linux kernel within the execve() system call. There is no known workaround that exists for this
vulnerability. What is the correct action to be taken by Rebecca in this situation as a
recommendation to management?

A.
Rebecca should make a recommendation to disable the() system call

B.
Rebecca should make a recommendation to upgrade the Linux kernel promptly

C.
Rebecca should make a recommendation to set all child-process to sleep within the execve()

D.
Rebecca should make a recommendation to hire more system administrators to monitor all
child processes to ensure that each child process can’t elevate privilege

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *

Mac

Mac

What evidence is there that the next version of Unix Kernel fixes the issue?

Reply

RoundHatHacker

RoundHatHacker

yes…if there is no workaround then why upgradation ?

Reply

Anonymous

Anonymous

The question says there is no known workaround. Upgrading the OS wouldn’t solve the issue here.

Who writes this crap?

Reply