WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: Linux Kernel Security  (Read 2773 times)

Offline robc

  • Sr. Member
  • ****
  • Posts: 447
Linux Kernel Security
« on: November 04, 2009, 12:37:31 PM »
Here is an article about a security bug in the kernel. Not sure if this applies directly to TCL but still of interest....
http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/

Another, I don't think this guy likes the kernel team very much...
http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/
"Never give up! Never surrender!" - Commander Peter Quincy Taggart

"Make it so." - Captain Picard

Offline gerald_clark

  • TinyCore Moderator
  • Hero Member
  • *****
  • Posts: 4254
Re: Linux Kernel Security
« Reply #1 on: November 04, 2009, 12:57:31 PM »
Funny how they admit that the compiler removed the check, but still want to blame the kernel developers.
Shouldn't they be pointing fingers at the gcc team?

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 11027
Re: Linux Kernel Security
« Reply #2 on: November 06, 2009, 02:54:18 PM »
The article says every version before .32, so we would be vulnerable. But the exploit is a local one, and also requires setuid for the binary - not very likely to happen.
The only barriers that can stop you are the ones you create yourself.