On Sat, Mar 29, 2003 at 12:38:41PM +0000, Shri Shrikumar wrote: > On Sat, 2003-03-29 at 03:54, Rob Weir wrote: > > No, that is odd. Another short-term fix is to > > 'echo SaveMeJeebus > /proc/sys/kernel/modprobe', which disables the > > module loading that is part of the problem. > > Does that mean that a kernel that has module loading disabled is not > vulnerable to this exploit ? Hmm, I'm not really sure. I've read the discussion on lkml, but a lot of it went over my head. I think the answer is 'yes, for this particular one', but the root issue here could also lead to other vulnerabilities. I'm still following that discussion, so I'll post if I ever figure it out myself. -- Rob Weir <rweir@ertius.org> http://ertius.org/ If I want a CC, I'll ask for one! | Do I *look* like I want another damn war?
Attachment:
pgptdMyaM6SU5.pgp
Description: PGP signature