[rsbac] Fwd: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

Amon Ott ao at rsbac.org
Tue Dec 2 14:45:08 CET 2003

On Dienstag, 2. Dezember 2003 14:27, Dmitry V. Levin wrote:
> On Tue, Dec 02, 2003 at 02:15:58PM +0100, Amon Ott wrote:
> > Just found a workaround for the 2.4 sys_brk bug. It seems sufficient to 
> > the address space to max. 2GB, e.g. using RSBAC RES module:
> No, it is not sufficient, sorry.
> There is nothing in RSBAC which prevents the binary to be linked at a higher
> address, right?

Nothing helps but fixing the kernel bug, see my latest posting. I fear, none 
of the existing kernel security extensions can limit this bug's effects.

All of you certainly know that RSBAC, like the other kernel extensions, must 
rely on the kernel's correct implementation. Once you enter kernel space, 
there is no more security - this is a major disadvantage of its monolithic 

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list