Comparing, how? There is no comparison.
The ptrace bug is only one of several local root holes. IIS would imply
a remote vulnerability, something _far_ more serious.
This specific ptrace hole is closed, yay. Now what about the other
10,001 that still exist? People are blowing this ptrace bug WAY
out of proportion. The only reason why it demands a modicum of
vendor responsibility is that a-holes are making easy-to-use exploits
available for the script kiddies.
In my more cynical moods, I wish bugtraq'ers would start posting
exploits to all the races in GNU coreutils (cp/mv/rm/...). Assuming
such actions would (finally) lead to bug fixes.... maybe then I will
start taking local root holes a bit more seriously. I will no more
than hint about this in public, but will respond privately with details
(if I know you).
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to email@example.com
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/