Re: Sarge TODO items
On Wed, Jun 02, 2004 at 10:52:17PM +0200, Christoph Hellwig wrote:
> On Wed, Jun 02, 2004 at 10:42:43PM +0200, Christoph Hellwig wrote:
> > On Wed, Jun 02, 2004 at 10:48:46PM +0200, Sven Luther wrote:
> > > Known security problems ? All known problems of 2.4.25 have been fixed
> > > and backported from later kernels, so i don't really see what we would
> > > gain by going to 2.4.26, apart from uniformity over all arches.
> >
> > I don't have the time right know, but from looking through the diffs
> > I'll surely be able to point you to a bunch of driver fixes that could
> > allow exploits but no one bothered enough to try and write up a big
> > bugtraq mail.
>
> this was from 30 seconds looking at the diff, so I haven't checked
> whether it's actually coming from an an unprivilegued entry point.
> If it did we'd have a nice integer overflow and afterwards scrambling
> over random memory:
Ok, ok, but still the porting of the -benh patches will probably be less
than trivial, especially if you plan to integrate them with the
arch-indep patch. But then, you proposed to do that, so more power to
you if you manage to do it.
Friendly,
Sven Luther
Reply to: