Re: [PATCH] proc: avoid leaking eip, esp, or wchan tonon-privileged processes (fwd)
From: Greg KH
Date: Mon May 04 2009 - 10:49:23 EST
On Sun, May 03, 2009 at 07:11:24PM -0600, Jake Edge wrote:
> On Mon, 4 May 2009 09:27:29 +1000 (EST) James Morris wrote:
> > This patch needs some review.
>
> Indeed.
>
> > Note that stable@xxxxxxxxxx typically backport already-reviewed and
> > applied patches. I think security@xxxxxxxxxx is for reporting
> > problems in a non-public way (whereas, this is already public
> > knowledge).
>
> I realize (now :) that I didn't get this out to all of the right folks,
> thanks for doing that. I didn't realize security@xxxxxxxxxx was only
> for non-public security problems, though. Maybe there needs to be a
> 'security maintainer' separate from that list? Or maybe there is one
> and I just didn't find that person in MAINTAINERS?
No, you did it correctly, as per Documentation/SecurityBugs.
And, from the MAINTAINERS file:
SECURITY CONTACT
P: Security Officers
M: security@xxxxxxxxxx
S: Supported
thanks,
greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/