Re: [PATCH] Re: Local root exploit with kmod and modutils > 2.1.121

From: Keith Owens (kaos@ocs.com.au)
Date: Thu Nov 16 2000 - 17:00:16 EST

Next message: Alan Cox: "Re: RFC: "SubmittingPatches" text"
Previous message: Jeff Garzik: "Re: [CFT] dmfe.c network driver update for 2.4"
In reply to: Xavier Bestel: "[PATCH] Re: Local root exploit with kmod and modutils > 2.1.121"
Next in thread: H. Peter Anvin: "Re: [PATCH] Re: Local root exploit with kmod and modutils > 2.1.121"
Reply: H. Peter Anvin: "Re: [PATCH] Re: Local root exploit with kmod and modutils > 2.1.121"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 16 Nov 2000 22:21:52 +0100,
Xavier Bestel <xavier.bestel@free.fr> wrote:
>as modprobe (insmod) args parsing seems POSIX compliant, we should put a
>"--" before
>what should be interpreted only as a textual argument, not as an option.
>This is a lot safer: whatever is passed, modprobe will take it as a module
>name.

That only solves one of the two exploit methods. modutils 2.3.20
solves both without any kernel changes, mainly so it fixes the problem
on all kernels, including 2.2.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: RFC: "SubmittingPatches" text"
Previous message: Jeff Garzik: "Re: [CFT] dmfe.c network driver update for 2.4"
In reply to: Xavier Bestel: "[PATCH] Re: Local root exploit with kmod and modutils > 2.1.121"
Next in thread: H. Peter Anvin: "Re: [PATCH] Re: Local root exploit with kmod and modutils > 2.1.121"
Reply: H. Peter Anvin: "Re: [PATCH] Re: Local root exploit with kmod and modutils > 2.1.121"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Nov 23 2000 - 21:00:11 EST