On Tue, 2004-12-28 at 22:15, Lee Revell wrote:
> On Tue, 2004-12-28 at 21:51 -0800, Fernando Lopez-Lezcano wrote:
> > On Tue, 2004-12-28 at 13:35, Lee Revell wrote:
> > > On Tue, 2004-12-28 at 13:17 -0800, Fernando Lopez-Lezcano wrote:
> > > > On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > > > > On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > > > > > Read on here:
> > > > > > http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.html
> > > > >
> > > > > Wow, this is a HORRIBLE bug.
> > > >
> > > > Indeed. I tried it and it works. Someone should have been pointing a
> > > > camera at me to capture the "moment" :-) Spent the better part of
> > > > yesterday building new Planet CCRMA kernels without this "feature".
> > >
> > > Yes, fortunately realtime-lsm does not depend on the capability module.
> > > Still, I would expect that many audio users load it out of confusion.
> >
> > At least in FC3 the capability module is not a module, it is built into
> > the kernel. Thus the problem, the realtime lsm does not work (tried it)
> > if capability is built into the kernel, apparently the two modules can't
> > be stacked, it is one or the other. So, any low latency kernel that
> > wants to use realtime lsm is, I think, going to be affected.
>
> No, the capability module that is referred to in the advisory is the
> POSIX capabilities module. I have this configured as a module on my
> system, but never load it and realtime-lsm does not depend on it.
> realtime-lsm only depends on the "commoncap" module.
>
> > So, any low latency kernel that
> > wants to use realtime lsm is, I think, going to be affected.

Why I think this is a yes. Any kernel that wants to use the realtime-lsm
will have to either not build the POSIX capabilities lsm, or build it as
a module. In the latter case the system will be vulnerable. The
realtime-lsm does not depend on the POSIX capabilities lsm but it forces
you to build it as a module, exposing the vulnerability, which maybe I
misunderstood as not being present if you build with the POSIX lsm into
the kernel (as opposed to building it as a module).

I do understand that loading the realtime lsm only does not create a
vulnerability (other than well known possibilities of DOS attacks by
mean linux audio users :-)

-- Fernando
