RE: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels

> -Original Message- > From: Shri Shrikumar [mailto:[EMAIL PROTECTED] > Sent: Saturday, March 29, 2003 7:39 AM > To: [EMAIL PROTECTED] > Subject: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels > > Does that mean that a kernel that has module loading disabled i

Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels

Rob Weir said: > Hmm, I'm not really sure. I've read the discussion on lkml, but a lot of > it went over my head. I think the answer is 'yes, for this > particular one', but the root issue here could also lead to other > vulnerabilities. I'm still following that discussion, so I'll post if I >

Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels

On Sat, Mar 29, 2003 at 12:38:41PM +, Shri Shrikumar wrote: > On Sat, 2003-03-29 at 03:54, Rob Weir wrote: > > No, that is odd. Another short-term fix is to > > 'echo SaveMeJeebus > /proc/sys/kernel/modprobe', which disables the > > module loading that is part of the problem. > > Does that m

Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels

On Sat, 2003-03-29 at 03:54, Rob Weir wrote: > On Fri, Mar 28, 2003 at 11:12:25AM +0300, DouRiX wrote: > > DouRiX wrote: > > > > > >Hi everybody, > > > > > >Does someone know where is debian about this issue ? > > > > > > > > > > I see that there is already an updat

Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels

On Fri, Mar 28, 2003 at 11:12:25AM +0300, DouRiX wrote: > DouRiX wrote: > > > >Hi everybody, > > > >Does someone know where is debian about this issue ? > > > > > > I see that there is already an update but only for mips, do you know why ? No, that is odd. Another

Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels

On Fri, 28 Mar 2003 10:38:14 +0300 DouRiX <[EMAIL PROTECTED]> wrote: > > Hi everybody, > > Does someone know where is debian about this issue ? > > I already have the patched 2.4.20 kernel, so I know it's available. I don't know about the others, but I doubt i