Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability.
What is the correct action to be taken by Rebecca in this situation as a recommendation to management?
A . Rebecca should make a recommendation to disable the () system call
B . Rebecca should make a recommendation to upgrade the Linux kernel promptly
C . Rebecca should make a recommendation to set all child-process to sleep within the execve()
D . Rebecca should make a recommendation to hire more system administrators to monitor all child processes to ensure that each child process can’t elevate privilege
Answer: B
Leave a Reply