Re: [PATCH] proc: avoid leaking eip, esp, or wchan tonon-privileged processes (fwd)

[Greg KH]

On Sun, May 03, 2009 at 07:11:24PM -0600, Jake Edge wrote:
> On Mon, 4 May 2009 09:27:29 +1000 (EST) James Morris wrote:
> > This patch needs some review.
> 
> Indeed.
> 
> > Note that stable@xxxxxxxxxx typically backport already-reviewed and 
> > applied patches.  I think security@xxxxxxxxxx is for reporting
> > problems in a non-public way (whereas, this is already public
> > knowledge).
> 
> I realize (now :) that I didn't get this out to all of the right folks,
> thanks for doing that.  I didn't realize security@xxxxxxxxxx was only
> for non-public security problems, though.  Maybe there needs to be a
> 'security maintainer' separate from that list?  Or maybe there is one
> and I just didn't find that person in MAINTAINERS?

No, you did it correctly, as per Documentation/SecurityBugs.

And, from the MAINTAINERS file:
	SECURITY CONTACT
	P:      Security Officers
	M:      security@xxxxxxxxxx
	S:      Supported

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/