LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

A hole in PaX

A hole in PaX

Posted Mar 17, 2005 13:34 UTC (Thu) by PaXTeam (subscriber, #24616)
Parent article: A hole in PaX

just some more info for the record.

1. technical details are here: https://www.immunitysec.com/pipermail/dailydave/2005-Marc...

2. the advisory has a typo, the correct year is 2002, so the bug was 2.5 years old.

3. for dang: you can't judge a person's maturity without knowing all the reasons for his decision, right? because it looks like you haven't bothered to read the advisory and therefore missed the "and other reasons" part.

4. i'm not sure what my 'harsh criticism' has to do with this bug, but if you're bothered by it, you should probably write an article on it and discuss the points i have made, they're relevant for all linux users after all (and i'll be happy to explain/prove my points again).

5. users won't be left completely unsupported (Brad and others have already offered their support), and on the practical side, the 2.2/2.4 patches will apply easily to future releases, while 2.6 won't be fit for any security relevant environment in the near future, so there's no actual loss there either.

(Log in to post comments)

A hole in PaX

Posted Mar 18, 2005 21:05 UTC (Fri) by huaz (guest, #10168) [Link]

> 3. for dang: you can't judge a person's maturity without knowing all the
> reasons for his decision, right? because it looks like you haven't
> bothered to read the advisory and therefore missed the "and other
> reasons" part.

I thought I would find what those "other reasons" are, but there aren't. It seems the advisory confirms that this bug WAS the reason that the author decided to abandon it.

Does it mean that the author realized the PaX design was fundamentally flawed in the current kernel, anyway?

A hole in PaX

Posted Mar 26, 2005 23:09 UTC (Sat) by PaXTeam (subscriber, #24616) [Link]

the other reasons are private matter, if they weren't, they would be public knowledge. as for the "PaX design was fundamentally flawed in the current kernel", what are you talking about? to my knowledge, there're no design errors in PaX, only implementation ones. if you know otherwise, you know where to contact me or let the world know (if for no other reason than to make things better).

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds