[rsbac] Critical bug in PaX, please update!
murf
murf at post.cz
Sun Mar 6 15:08:18 CET 2005
Hello!
workaround is only for 2.4 kernels, not for 2.6 ones.
AFAIK Its true that PAX will be terminated, but somebody
will continue - spender or anyone blessed by pipacs.
If you use kernels 2.6 and have only CONFIG_PAX_PAGEEXEC enabled,
then your system is not vulnerable ;-).
Regards,
murf
========================================================================
- From the original announcement this config is affected since
CONFIG_PAX_SEGMEXEC=y (even if CONFIG_PAX_RANDEXEC is not set). The
announcement says that mitigation is possibile by changing parameters in
/proc/sys/vm/pagetable_cache, which does not exist in these kernels. I
guess this means for these kernels the only way is to update.
Is it true that on 1st April, 2005 the PaX project will be terminated?
Andrea
More information about the rsbac
mailing list