From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S264692AbUGHVyP (ORCPT ); Thu, 8 Jul 2004 17:54:15 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S264767AbUGHVyO (ORCPT ); Thu, 8 Jul 2004 17:54:14 -0400 Received: from zulo.virutass.net ([62.151.20.186]:2441 "EHLO mx.larebelion.net") by vger.kernel.org with ESMTP id S264692AbUGHVyN convert rfc822-to-8bit (ORCPT ); Thu, 8 Jul 2004 17:54:13 -0400 From: Manuel Arostegui Ramirez To: Chris White , linux-kernel@vger.kernel.org Subject: Re: Kernel fchown() exploit status? Date: Thu, 8 Jul 2004 23:54:23 +0200 User-Agent: KMail/1.5 References: <40EDB764.6060107@securesystem.info> In-Reply-To: <40EDB764.6060107@securesystem.info> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8BIT Content-Disposition: inline Message-Id: <200407082354.23336.manuel@todo-linux.com> X-Virus: by Larebelion Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org El Jueves 08 Julio 2004 23:06, Chris White escribió: > There was a recent security announcment regarding a vulnerability with > the fchown function. > > Only a few distrobutions (red hat/suse) have fixed the issue, but I've > yet to see a general patch for it. > > Information regarding the issue is here: > > http://xforce.iss.net/xforce/xfdb/16599 > > I searched around the archive databases, but did not come up with it > (unless I skipped over something accidentaly) > > Thank you for your time and appologies if this is a duplicate. > > ----------------- > Chris White Thanks for the patch, I haven't read about it before. -- Manuel Arostegui Ramirez #Linux Registered User 200896