Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

To: DouRiX <dourix-tech@simicro-internet.mg>
Cc: debian-security@lists.debian.org
Subject: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
From: Marc Demlenne <m.demlenne@skynet.be>
Date: Tue, 1 Apr 2003 14:06:12 +0200
Message-id: <[🔎] 20030401120612.GA555@marcelle.homelinux.org>
In-reply-to: <[🔎] 3E89761A.60609@simicro-internet.mg>
References: <3E883C67.3020807@simicro-internet.mg> <20030331134931.GA7092@mood.ritram.it> <[🔎] 3E89761A.60609@simicro-internet.mg>

> but isn't there a trick to surpass the bug while waiting for debian 
> updates ?

What's the real effect of modifying /proc/sys/kernel/modprobe by, e.g.
  
  echo unexisting_binary > /proc/sys/kernel/modprobe

Can we trust this solution ?
What's the effect ?

It seems to work fine, and to block the exploit on my box.
But i don't know the effect on the system, since i guess this file has a
good reason to be present on a debian box ... 
So is it a good idea to modify it this way ?

Thanx.

-- 
   __o   
 _`\<,_  Marc Demlenne                   Public Key on www.keyserver.net
(_)/ (_) GPG/768FA483 BFD8 E61B 180C 3E7A 3435  D393 B605 9979 768F A483

Reply to:

Follow-Ups:
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Rolf Kutz <kutz@netcologne.de>
- Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Christian Hammers <ch@debian.org>

References:
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: DouRiX <dourix-tech@simicro-internet.mg>

Prev by Date: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by Date: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Previous by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Index(es):
- Date
- Thread