On 2010-11-18, Ben Hutchings <[email protected]> wrote:
>
> --=-ukGC3PFRUIR65dSYwt1Z
> Content-Type: text/plain; charset="UTF-8"
> Content-Transfer-Encoding: quoted-printable
>
> Unlike device or filesystem modules, most protocol modules may be auto-
> loaded on behalf of local users without any special capabilities. This
> means that security vulnerabilities in such protocol modules may be
> exploitable by local users even on a system where there is no need for
> the protocol.
What about CAN? It also had one or two privilege escalations in the
past and seems to be used only in special purpose embedded setups.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
