[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#389282: linux-2.6: Make BSD secure levels depend on CONFIG_BROKEN

maximilian attems wrote:
> On Mon, Sep 25, 2006 at 12:24:33AM +0200, Moritz Muehlenhoff wrote:
> > 
> > The LSM for BSD secure levels is broken by design and unmaintained.
> > (CVE-2005-4351 and CVE-2005-4252). It's scheduled for removal
> > upstream (http://lkml.org/lkml/2006/8/2/180), but hasn't been dropped
> > yet in 2.6.18.
> > 
> > While it's not enabled in the binary builds, it's selectable for
> > users building their own kernels. Attached you can find a patch
> > to make this LSM depend on BROKEN.
> 
> plese send that upstream, afaik it's disabled in any current sid/testing
> linux-image.

Yes, but if it's in the source package, users expect support for it.

I wrote this patch because it's the least intrusive. If it gets removed
in the 2.6.19 merge window would you accept it or would you instead merge a
patch that removes the code entirely?

Cheers,
        Moritz
Reply to: