Re: Linux 2.2.16

Khimenko Victor (khim@sch57.msk.ru)
Sat, 10 Jun 2000 09:59:14 +0400 (MSD)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: James Sutherland: "Re: Floppy handling"
Previous message: Steven S. Dick: "Re: maybe a buffers bug? - Re: NTFS module is buggy"
Maybe in reply to: Alan Cox: "Linux 2.2.16"

In <39412B25.87C7E2DB@netus.com> Christopher McCrory (chrismcc@netus.com) wrote:
> Hello...

> Alan Cox wrote:
>>
>> Linux 2.2.16 security release
>>
>> The following security problems are fixed by this release
>>
>> o Setuid applications. even when correctly checking for failures of
>> setuid() calls could fail to drop priviledges if the invoker had
>> made certain adjustments to the capability sets
>>

> I didn't see this infomation stated anywhere. When was this code
> introduced?

In 2.2.16pre6 / 2.4.0-test1-ac7 ... It was discussed in long thread
named "Capabilities bug(s) / implementation inconsistencies" ...

> Does it effect all 2.2.x ?

Yes.

> 2.3.x ?

Yes.

> 2.0.x ?

Probably not.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: James Sutherland: "Re: Floppy handling"
Previous message: Steven S. Dick: "Re: maybe a buffers bug? - Re: NTFS module is buggy"
Maybe in reply to: Alan Cox: "Linux 2.2.16"