Re: Linux 2.2.16

• Next message: James Sutherland: "Re: Floppy handling"
• Previous message: Steven S. Dick: "Re: maybe a buffers bug? - Re: NTFS module is buggy"
• In reply to: Alan Cox: "Linux 2.2.16"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In <39412B25.87C7E2DB@netus.com> Christopher McCrory (chrismcc@netus.com) wrote:
> Hello...

> Alan Cox wrote:
>>
>> Linux 2.2.16 security release
>>
>> The following security problems are fixed by this release
>>
>> o Setuid applications. even when correctly checking for failures of
>> setuid() calls could fail to drop priviledges if the invoker had
>> made certain adjustments to the capability sets
>>

> I didn't see this infomation stated anywhere. When was this code
> introduced?

In 2.2.16pre6 / 2.4.0-test1-ac7 ... It was discussed in long thread
named "Capabilities bug(s) / implementation inconsistencies" ...

> Does it effect all 2.2.x ?

Yes.

> 2.3.x ?

Yes.

> 2.0.x ?

Probably not.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: James Sutherland: "Re: Floppy handling"
• Previous message: Steven S. Dick: "Re: maybe a buffers bug? - Re: NTFS module is buggy"
• In reply to: Alan Cox: "Linux 2.2.16"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Jun 15 2000 - 21:00:20 EST