[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re[2]: ACL patches in Debian 2.4 series kernel.

Hello Horms,
Tuesday, August 9, 2005, 6:33:04 AM, you wrote:


>> >   I  have  read the cahngelog for Debian version of kernel 2.4.27 (and .26
>> >   too) and I have found that the latest version of Posix ACL patches seems
>> >   to be 0.8.71, merged by Herbert Xu in April 2004.

H> are you talking about CAN-2005-0757

No, I don't think it's the same. This issue, AFAIK, causes default acls to
disappear from a directory, but does not crash the system. It's not really
a  security  issue,  since it does not allow more rights on the files, but
less  rights (removing default ACLS). Well, if a user can trigger it, it's
a DOS anyway.

I  have not investigated the issue very deeply, but I can tell that it can
be   fixed   by   applying   the   newer  (>=  0.8.72)  ACL  patches  from
http://acl.bestbits.at.

To  quote  Andreas Gruenbacher, "This was fixed in version 0.8.72. The bug
was  in  function  ext2_xattr_cmp and ext3_xattr_cmp: They did not compare
the e_name_index field."

H> Otherwise, 2.4 is really in maintenence mode for Sarge, so you might be
H> best to try one of the newer kernels (e.g. 2.6.12) in unstable.

I'll  try 2.6.12, because with 2.6.8 (Sarge default 2.6 kernel) I have had
issues  with  USB2  controllers  not  being  released  by  the BIOS to the
kernel's  driver  (which  never happened with 2.4.x series) so I could not
use USB2 devices at all.



-- 

 Fabio "Kurgan" Muzzi 

La diagnosi del tecnico:
   Sovrapposizione di indirizzi nella RAM
Reply to: