Re: Hmm.. "notify_parent()".

From: Alexander Viro (viro@math.psu.edu)
Date: Mon Aug 28 2000 - 19:41:32 EST


On Mon, 28 Aug 2000, Linus Torvalds wrote:

> > b) we are using the same thing in do_signal() on all architectures.
>
> Yes, this could be cleaned up.

Umm... That too, but I mean unprotected access to ->p_pptr.

> > c) generating ELF coredumps and exec.c::must_not_trace_exec() are
> > vulnerable too.
>
> Basically anything that uses p_pptr, I think. Which is not that much.

Nah... About half of these places are under the tasklist_lock.

> > d) Where do we initialize ->p_pptr if test in the beginning of
> > do_fork() fails?
>
> Look at the line that says "*p = *current", and grok it.

<self-LART> Ouch. </self-LART>
I need more coffee. Sorry.

> Anyway, what I really wanted to know was whether I was overlooking
> something or not. You seem to agree that it looks like a real bug.

It does.



