Re: Backport of the integer overflow in the brk system call
Henning Makholm wrote:
Scripsit Tom <firstname.lastname@example.org>
On Tue, Dec 02, 2003 at 11:06:44PM +0800, Isaac To wrote:
rather far from changing anything in the kernel memory. Andreas is
definitely right that the hole doesn't look like that it is that dangerous.
If it wasn't a big deal we wouldn't be talking about it. It shut down
servers. It's dangerous enough.
Whw Isaac said was that he understands why the kernel developer who
originally fixed the bug did not realize that it was security
OK, this is sort of what I was after. I suspected this was the case, since
nothing else would make much sense. I'm just glad the exploit was discovered,
and I think the way the whole situation was handled from day one was very