Re: Security patch for 2.6.2
From: Nicholas Miell
Date: Tue Feb 10 2004 - 13:29:25 EST
On Tue, 2004-02-10 at 08:47, Valdis.Kletnieks@xxxxxx wrote:
> On Tue, 10 Feb 2004 17:16:37 +0100, Markus Gaugusch said:
> > On Feb 10, David PospÃÂil <foton2@xxxxxxx> wrote:
> >
> > > Where can I find security patch for 2.6.2 ?
> > > Problem : look at this site : http://www.securityfocus.com/archive/1/353217
> > > It is remote root exploit :-(
> > No, it is local root exploit. And the patch is attached to that posting.
>
> Is the *real* problem here that smbfs doesn't understand the moral
> equivalent of 'mount -o nosuid/nodev/noexec/no-etc'?
No, the real problem is that both SAMBA 3 and Linux 2.6.x support the
CIFS Extensions for Unix and the guy who complained to BUGTRAQ doesn't
get this.
(BTW, nosuid/nodev/noexec are handled by the VFS, not the individual fs
drivers.)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/