Bug#389282: linux-2.6: Make BSD secure levels depend on CONFIG_BROKEN
maximilian attems wrote:
> On Mon, Sep 25, 2006 at 12:24:33AM +0200, Moritz Muehlenhoff wrote:
> >
> > The LSM for BSD secure levels is broken by design and unmaintained.
> > (CVE-2005-4351 and CVE-2005-4252). It's scheduled for removal
> > upstream (http://lkml.org/lkml/2006/8/2/180), but hasn't been dropped
> > yet in 2.6.18.
> >
> > While it's not enabled in the binary builds, it's selectable for
> > users building their own kernels. Attached you can find a patch
> > to make this LSM depend on BROKEN.
>
> plese send that upstream, afaik it's disabled in any current sid/testing
> linux-image.
Yes, but if it's in the source package, users expect support for it.
I wrote this patch because it's the least intrusive. If it gets removed
in the 2.6.19 merge window would you accept it or would you instead merge a
patch that removes the code entirely?
Cheers,
Moritz
Reply to: