Bug#389282: linux-2.6: Make BSD secure levels depend on CONFIG_BROKEN
On Mon, Sep 25, 2006 at 12:24:33AM +0200, Moritz Muehlenhoff wrote:
>
> The LSM for BSD secure levels is broken by design and unmaintained.
> (CVE-2005-4351 and CVE-2005-4252). It's scheduled for removal
> upstream (http://lkml.org/lkml/2006/8/2/180), but hasn't been dropped
> yet in 2.6.18.
>
> While it's not enabled in the binary builds, it's selectable for
> users building their own kernels. Attached you can find a patch
> to make this LSM depend on BROKEN.
plese send that upstream, afaik it's disabled in any current sid/testing
linux-image.
> Cheers,
> Moritz
>
best regards
--
maks
Reply to: