LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Speaking with code

Speaking with code

Posted Jul 25, 2009 12:40 UTC (Sat) by nix (subscriber, #2304)
In reply to: Speaking with code by spender
Parent article: Quotes of the week

I'm curious: since they've said they don't think it's a bug (more an
expected tradeoff: if you run SELinux without useful policy this is what
you get, and no, I don't agree with that either), why would *they* give it
a CVE?

(Log in to post comments)

Speaking with code

Posted Jul 25, 2009 12:53 UTC (Sat) by spender (subscriber, #23067) [Link]

Well, perhaps because they asked me to cancel the CVE request I put in (which I still haven't gotten a response from) so that they would submit their own:

Brad Spengler wrote:
>> Let me get back to you on this.
>
> I've contacted the relevant people to request a CVE for the issue, as
> the previous bypass of mmap_min_addr was given a CVE back in 2007; this
> should be no different.

Thanks Brad.

Can you cancel the request? I will assign one (faster), and provide you
with the proper credits in the errata.

-Brad

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds