From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner+willy=40w.ods.org-S1750713AbWGOPuE@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1750713AbWGOPuE (ORCPT <rfc822;willy@w.ods.org>);
	Sat, 15 Jul 2006 11:50:04 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1750715AbWGOPuE
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Sat, 15 Jul 2006 11:50:04 -0400
Received: from [202.67.154.148] ([202.67.154.148]:7060 "EHLO ns666.com")
	by vger.kernel.org with ESMTP id S1750713AbWGOPuD (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Sat, 15 Jul 2006 11:50:03 -0400
Message-ID: <44B90DF1.8070400@ns666.com>
Date: Sat, 15 Jul 2006 17:46:57 +0200
From: Von Wolher <trilight@ns666.com>
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC)
X-Accept-Language: en-us
MIME-Version: 1.0
To: Daniel Drake <dsd@gentoo.org>
CC: Linus Torvalds <torvalds@osdl.org>, Greg KH <gregkh@suse.de>,
       Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
       Andrew Morton <akpm@osdl.org>, stable@kernel.org,
       Marcel Holtmann <holtmann@redhat.com>
Subject: Re: Linux 2.6.17.5
References: <20060715030047.GC11167@kroah.com> <Pine.LNX.4.64.0607142217020.5623@g5.osdl.org> <44B8A720.3030309@gentoo.org>
In-Reply-To: <44B8A720.3030309@gentoo.org>
X-Enigmail-Version: 0.91.0.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

Daniel Drake wrote:
> Hi Linus,
> 
> Linus Torvalds wrote:
> 
>> I did a slight modification of the patch I committed initially, in the
>> face of the report from Marcel that the initial sledge-hammer approach
>> broke his hald setup.
>>
>> See commit 9ee8ab9fbf21e6b87ad227cd46c0a4be41ab749b: "Relax /proc fix
>> a bit", which should still fix the bug (can somebody verify? I'm 100%
>> sure, but still..), but is pretty much guaranteed to not have any
>> secondary side effects.
>>
>> It still leaves the whole issue of whether /proc should honor chmod AT
>> ALL open, and I'd love to close that one, but from a "minimal fix"
>> standpoint, I think it's a reasonable (and simple) patch.
>>
>> Marcel, can you check current git?
> 
> 
> I can confirm that the new fix prevents the exploit from working, with
> no immediately visible side effects.
> 
> Thanks,
> Daniel
> 

Can some one release a 2.6.17.6 ? I think many people are waiting at
their keyboard to get their systems protected.

Appreciate the quick response !

Thanks,

Mark