LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

2.6.32.9 Release notes

2.6.32.9 Release notes

Posted Feb 23, 2010 1:48 UTC (Tue) by spender (subscriber, #23067)
In reply to: 2.6.32.9 Release notes by ebiederm
Parent article: 2.6.32.9 Release notes

Yea I find it fascinating too that the code you wrote that introduced the bug was also fixed by you with a commit message missing the original details about chmod from the bug reporter (available here: http://lkml.org/lkml/2010/1/20/168) and mentioning "Resulting in overly restrictive permissions on sysfs files" yet apparently with the knowledge that it was a security issue wasn't picked up by a non-security person as a security issue.

Same goes for all those sysctl vulnerabilities you claimed before that weren't fixed by anything but your sysctl rewrite. I mean, those vulnerabilities should be utterly obvious to any backporter!

I'm simply shocked.

-Brad

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds