Re: ptrace vulnerability?

To: debian-security@lists.debian.org
Subject: Re: ptrace vulnerability?
From: Gustavo Franco <stratus@legolas.alternex.com.br>
Date: 19 Mar 2003 13:39:57 -0300
Message-id: <[🔎] 1048091996.698.7.camel@localhost>
In-reply-to: <[🔎] Pine.LNX.4.44.0303181200130.2245-100000@capitanata.ca.astro.it>
References: <[🔎] Pine.LNX.4.44.0303181200130.2245-100000@capitanata.ca.astro.it>

On Tue, 2003-03-18 at 08:04, Giacomo Mulas wrote:
> 	Alan Cox apparently just made public a vulnerability in the stock
> kernel which would permit a local user to gain root privileges (see e.g.
> Linux Today, LWN, the LK mailing list...). Is a patched source package in
> the making already or should we humble users, in the meantime, take the
> original patch and apply it, while the "official" thing gets worked out?
Hi,

I've a unofficial Debian package called kernel-patch-ptrace in my own
deb repository[1].It was tested on i386, the patch applies fine over
kernel-source-2.4.20 package.Feel free to use it at your own risk and
send me any feedback.

Only two modifications from the original patch by Alan Cox:
- The arch/um was commented because kernel-source-2.4.20 doesn't have
user mode linux!
- The third hunk of sched.h was commented because the associated
function wasn't found in kernel-source-2.4.20.

[1] = deb http://legolas.alternex.com.br/~stratus/debian/ ./

Cheers,
-- 
Gustavo Franco <stratus@legolas.alternex.com.br>

Reply to:

References:
- ptrace vulnerability?
  - From: Giacomo Mulas <gmulas@ca.astro.it>

Prev by Date: Re: kernel ptrace bug
Next by Date: is iptables enough?
Previous by thread: Re: ptrace vulnerability?
Next by thread: Re: ptrace vulnerability?
Index(es):
- Date
- Thread