On Sat, 5 Apr 2003, Geoffrey Lee wrote: Seems this security hole has solved already.
kernel-source-2.4.20 (2.4.20-3woody.3) stable; urgency=low * Made ptrace fix compile on alpha. -- Herbert Xu <[EMAIL PROTECTED]> Wed, 19 Mar 2003 20:41:31 +1100 kernel-source-2.4.20 (2.4.20-3woody.2) stable; urgency=low * Fixed ptrace security hole. -- Herbert Xu <[EMAIL PROTECTED]> Tue, 18 Mar 2003 20:39:44 +1100 > On Sat, Apr 05, 2003 at 04:01:03PM +0800, Rex Tsai wrote: > > > > 在 Debian 系統上,舊的核心還有 ptrace 的 bug,以下這個模組可以暫時的防止這 > > 個問題。 > > > > > Please add MODULE_LICENSE or you will taint your kernel ... :-) > > > Also there is a slight problem with using sys_call_table to change > system calls (but should not be serious) > > > -- G. > > -- > char p[] = "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b" > "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd" > "\x80\xe8\xdc\xff\xff\xff/bin/sh"; > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > ------------------------[ Taiwan Linux User Group ]----------------------- Andrew Lee cell.: +886 932 394 697 System & IT Consultant phone @work: +886 2 2242 6189 Chinese GNU/Linux Extensions Red Hat Certified Engineer
