
Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]



On Tuesday 01 April 2003, at 14:20, DouRiX wrote:
> but isn't there a trick to surpass the bug while waiting for debian 
> updates ?

Actually, yes.

But I'm not really sure if it's a "good" workaround. Anyway:

if you disable automatic module loading (a kernel feature), you may
ignore this vulnerability.

You may do this with:

echo "whatever" > /proc/sys/kernel/modprobe

So, whenever some automatism invokes this, it produces an error.
Unfortunately, you may not discriminate which processes can do this
safely and which not.

In a server environment, where there is no need to load modules at run-time,
it could be a "usable workaround", but on a workstation machine I don't
think that's a great idea.

So it's preferable to get the patch and recompile the kernel, or take
the 2.4.20-patched kernel in proposed update.

my 0.2 cents.

> or won't be there a 2.4.18 update ? :)

I have never seen a "kernel update"; you may install different copies of them.

I suppose that it will not be upgraded for this reason, and when the
2.4.20 is available (when it is well tested) you can simply
install it.

Meanwhile... (this is why I backported the patch. I like stable things.
2.4.18 runs great for me. I'm not in a hurry for the new-verynew-release).

Forgive my English.

-- 
Buffy: "Is this a get-in-my-pants thing? You guys in Sunnydale talk 
   like I'm the second coming."
	--Buffy the Vampire Slayer: The Wish
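
An added example, not part of the original message: a small shell check that tells whether the workaround above is currently in effect, by testing if the helper path stored in /proc/sys/kernel/modprobe names an executable file. The function name, its return codes and the optional path argument are assumptions of this example.

```shell
#!/bin/sh
# Added example. Audits the workaround from the message above: module
# autoloading fails when the helper path in /proc/sys/kernel/modprobe
# does not name an executable file. The value is a runtime setting and
# is lost at reboot, so the check is worth running after every boot.
#
# Return codes (chosen for this example):
#   0 = helper missing or not executable (workaround in effect)
#   1 = helper is executable (autoloading works)
#   2 = setting could not be read
check_modprobe_helper() {
    # Optional argument replaces the real control file, for testing.
    ctl="${1:-/proc/sys/kernel/modprobe}"
    if [ ! -r "$ctl" ]; then
        echo "cannot read $ctl" >&2
        return 2
    fi
    helper=$(head -n 1 "$ctl")
    # Assumption of this example: a value without a leading slash,
    # such as "whatever", is looked up from the root directory.
    case "$helper" in
        /*) path="$helper" ;;
        *)  path="/$helper" ;;
    esac
    if [ -f "$path" ] && [ -x "$path" ]; then
        echo "helper '$helper' is executable: autoloading enabled"
        return 1
    fi
    echo "helper '$helper' is missing or not executable: autoloading disabled"
    return 0
}
```

Source the file and call `check_modprobe_helper` with no arguments to test the running system.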


