[rsbac] Bugfixing the kernel uselib vulnerability
Amon Ott
ao at rsbac.org
Wed Jan 12 15:08:17 CET 2005
On Mittwoch 12 Januar 2005 11:29, Andrea Pasquinucci wrote:
> On Mon, Jan 10, 2005 at 05:01:52PM +0100, Amon Ott wrote:
> * The pre-patched RSBAC kernels do not contain third party fixes, it
is
> * impossible to maintain all these patches here!
>
> I perfectly understand your point, but this creates sometimes a
problem
> for people like me. Little explanation, I do not have the time right
now
> to try to patch the kernel (2.6.10 or 2.4.28) with the security
fixes,
> then try to patch it with rsbac and if succesfull try to compile and
if
> succesful try it on a machine just to discover that it crashes
(kernel
> panic on boot). Obviously I did something wrong... But I do not have
the
> time right now to do anything else, so I have to decide if to keep a
> buggy kernel with rsbac or to use a patched vendor kernel without
rsbac.
> Today I decided for the vendor kernel and to wait until there will
be a
> patched rsbac kernel (hopefully with 2.6.11).
>
> I suspect that there are many in my situation. So I have a
suggestion,
> can we try to produce pre-patched RSBAC kernel with the main
security
> fix ? If we are in at least a few in my situation is also silly that
all
> of us do the same thing (try to apply the security fix) whereas by
> sharing the result we would help each other out.
One thing we could do is to have another subversion tree, which
includes all RSBAC and third party security bugfixes, and which gets
rolled into a complete kernel after every change.
We would really need people maintaining this tree and testing it,
though.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Bin?rdaten wurde geschreddert...
Dateiname : nicht verf?gbar
Dateityp : application/pgp-signature
Dateigr??e : 189 bytes
Beschreibung: nicht verf?gbar
URL : http://www.rsbac.org/pipermail/rsbac/attachments/20050112/b01e1048/attachment.bin
More information about the rsbac
mailing list