This is a joke, right? Or did you really misunderstand the simple issue?
Posted Mar 8, 2008 17:02 UTC (Sat) by khim (subscriber, #9252)
In reply to: GCC 4.3.0 exposes a kernel bug by roblucid
Parent article: GCC 4.3.0 exposes a kernel bug
If you allow anyone to inject code in your executables you are hosed already. And if you don't - you cannot exploit this bug. Prerequisites are harsh: gcc 4.3-compiled privileged daemon and kernel below 2.6.25 ...
> Perhaps kernels compiled with gcc < 4.3
Maybe it's a good idea to read the article? It does not matter if your kernel is compiled with gcc 4.2 or gcc 4.3. The question is about things like login or sshd. They must be compiled with gcc 4.3 - only then can you have a problem.
> It's not admin-friendly to rely on older kernel source not being built
> with the latest gcc.
Yup. But that's the one and only solution. Why? The kernel pushes gcc to the limit and so kernels always support a finite range of compilers. "GCC version between x.y.z and x1.y1.z1" was (and is) the only supported mode. If you plan to use kernel 2.6.24 compiled with gcc 4.3 then you should plan to reinstall the system shortly afterwards. It was never supported, and it will not be supported - to compile the kernel with a compiler newer than the kernel is insanity.
> Past experience with "apparently unexploitable" flaws, tends to suggest
> that correcting the code is the only safe option.
Code is already corrected - now the question is about deployment...