Re: Linux 2.6.17.5 - Miquel van Smoorenburg

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Miquel van Smoorenburg" <miquels@cistron.nl>
To: linux-kernel@vger.kernel.org
Subject: Re: Linux 2.6.17.5
Date: Sat, 15 Jul 2006 18:50:53 +0000 (UTC)	[thread overview]
Message-ID: <e9bded$qco$1@news.cistron.nl> (raw)
In-Reply-To: 44B90DF1.8070400@ns666.com

In article <44B90DF1.8070400@ns666.com>,
Von Wolher  <trilight@ns666.com> wrote:
>Daniel Drake wrote:
>> Hi Linus,
>> 
>> Linus Torvalds wrote:
>> 
>>> I did a slight modification of the patch I committed initially, in the
>>> face of the report from Marcel that the initial sledge-hammer approach
>>> broke his hald setup.
>>>
>>> See commit 9ee8ab9fbf21e6b87ad227cd46c0a4be41ab749b: "Relax /proc fix
>>> a bit", which should still fix the bug (can somebody verify? I'm 100%
>>> sure, but still..), but is pretty much guaranteed to not have any
>>> secondary side effects.
>>>
>>> It still leaves the whole issue of whether /proc should honor chmod AT
>>> ALL open, and I'd love to close that one, but from a "minimal fix"
>>> standpoint, I think it's a reasonable (and simple) patch.
>>>
>>> Marcel, can you check current git?
>> 
>> 
>> I can confirm that the new fix prevents the exploit from working, with
>> no immediately visible side effects.
>> 
>> Thanks,
>> Daniel
>> 
>
>Can some one release a 2.6.17.6 ? I think many people are waiting at
>their keyboard to get their systems protected.

# mount -o remount,nosuid /proc

Haven't tested it but that should be the workaround.

Mike.

next prev parent reply	other threads:[~2006-07-15 18:50 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-07-15  3:00 Linux 2.6.17.5 Greg KH
2006-07-15  3:01 ` Greg KH
2006-07-15  3:28 ` [stable] " Greg KH
2006-07-15  4:20   ` Greg KH
2006-07-15 23:59     ` Matthew Frost
2006-07-16  0:08       ` Marcel Holtmann
2006-07-15  5:21 ` Linus Torvalds
2006-07-15  7:55   ` Bastian Blank
2006-07-15  8:28   ` Daniel Drake
2006-07-15 15:46     ` Von Wolher
2006-07-15 18:48       ` Greg KH
2006-07-15 18:50       ` Miquel van Smoorenburg [this message]
2006-07-15 19:17         ` Marcel Holtmann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='e9bded$qco$1@news.cistron.nl' \
    --to=miquels@cistron.nl \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.