On Thu, Feb 08, 2001 at 06:03:00PM -0500, [EMAIL PROTECTED] wrote:
> Thanks to Solar Designer for finding the sysctl bug, and
> for the versions of the sysctl and ptrace patches we used.
Thanks for crediting me, but actually it's Chris Evans who found the
sysctl bug that affects Linux 2.2. I only provided patches.
I found a very similar sysctl "signedness" bug a few years back,
fixed in Linux 2.0.34, but it's not an issue on Linux 2.2. So all
credit for the discovery of this new bug is to Chris Evans.
As I am posting this anyway, -- these two fixes (but _not_ the DoS
one, yet) are included in 2.2.18-ow4 and 2.0.39-ow2 patches, which
I've just released:
http://www.openwall.com/linux/
Actually, 2.0.39 only needed the execve/ptrace race condition fix.
--
/sd
