Hello. Two bugs were discovered in ccs-patch-1.6.7-20090401.tar.gz .
If you use "address_group" keyword on little endian platforms (e.g. x86), due to missing byte order conversion, IPv4 address was stored in reversed order (e.g. 127.0.0.1 was stored as 1.0.0.127). As a result, permission checks using "address_group" of IPv4 addresses were done incorrectly. This bug exists in TOMOYO 1.6.5 / 1.6.6 / 1.6.7 . This bug does not affect on users who don't use "address_group" of IPv4 addresses. If you pass non ascii-printable strings to mount() request, they are printed without converting to ascii-printable strings. As a result, non ascii-printable strings are printed on console or to /proc/ccs/ interface. This bug exists in all versions since TOMOYO 1.0 . This bug does not affect on users who use profiles with "RESTRICT_MOUNT=disabled". I uploaded a hotfix, with a patch for 2.6.30-rc1 added. http://osdn.dl.sourceforge.jp/tomoyo/30297/ccs-patch-1.6.7-20090410.tar.gz MD5: cc2e663b842f3ee5f3c052b272d263d7 Thanks. P.S. Linux kernel 2.6.30-rc1 which contains TOMOYO 2.2.0 was released. You can try it from http://tomoyo.sourceforge.jp/en/2.2.x/ . _______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
