* Does this address the setuid() bug?
@ 2000-12-23 19:14 Bucky Goldstein
2000-12-24 0:24 ` Jeremiah Johnson
2000-12-26 14:35 ` Stephen Smalley
0 siblings, 2 replies; 3+ messages in thread
From: Bucky Goldstein @ 2000-12-23 19:14 UTC (permalink / raw)
To: selinux
Seeing as selinix is based on the 2.2.12 kernel, is it affected by the
setuid() bug that plagued kernel versions < 2.2.15 ?
Sorry if this question has been asked before.
TIA,
Bucky Goldstein
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Does this address the setuid() bug?
2000-12-23 19:14 Does this address the setuid() bug? Bucky Goldstein
@ 2000-12-24 0:24 ` Jeremiah Johnson
2000-12-26 14:35 ` Stephen Smalley
1 sibling, 0 replies; 3+ messages in thread
From: Jeremiah Johnson @ 2000-12-24 0:24 UTC (permalink / raw)
To: selinux
Technically it would inherit any bugs fixed in whatever the newest kernel is, unless they where bugs introduced after 2.2.12 and before 2.2.18. There is also a patch out for 2.2.17 though, so you could use that.
Jeremiah Johnson
Linux Security Analyst
Penguin Computing
On Sat, Dec 23, 2000 at 12:14:05PM -0700, Bucky Goldstein wrote:
> Seeing as selinix is based on the 2.2.12 kernel, is it affected by the
> setuid() bug that plagued kernel versions < 2.2.15 ?
>
> Sorry if this question has been asked before.
>
> TIA,
>
> Bucky Goldstein
> You have received this message because you are subscribed to the selinux list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Does this address the setuid() bug?
2000-12-23 19:14 Does this address the setuid() bug? Bucky Goldstein
2000-12-24 0:24 ` Jeremiah Johnson
@ 2000-12-26 14:35 ` Stephen Smalley
1 sibling, 0 replies; 3+ messages in thread
From: Stephen Smalley @ 2000-12-26 14:35 UTC (permalink / raw)
To: selinux
As mentioned by others, Security-Enhanced Linux does not
fix existing bugs in the Linux kernel but it does provide
mandatory access controls that can confine the potential
damage that can be caused by such bugs. The mandatory
access controls are orthogonal to the existing Linux
access control mechanism and are unaffected by the
Unix superuser identity or Linux capabilities.
--
Stephen D. Smalley, NAI Labs
sds@tislabs.com
On Sat, 23 Dec 2000, Bucky Goldstein wrote:
> Seeing as selinix is based on the 2.2.12 kernel, is it affected by the
> setuid() bug that plagued kernel versions < 2.2.15 ?
>
> Sorry if this question has been asked before.
>
> TIA,
>
> Bucky Goldstein
> You have received this message because you are subscribed to the selinux list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2000-12-26 14:36 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2000-12-23 19:14 Does this address the setuid() bug? Bucky Goldstein
2000-12-24 0:24 ` Jeremiah Johnson
2000-12-26 14:35 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.