I guess the question is, was it really a cover up? As I read what Linus wrote in the commit log, where he mentions both "/proc/<pid>/mem" and "doesn't match the permission checking" as well as "if you hold the file descriptor open over an execve(), you'll continue to read from the _old_ VM", that to me reads security vulnerability all over it.
He mentioned this as a bug fix, not a security fix. Does he really need to specify "this fixes a privilege escalation vulnerability"? Some say yes, some say no, but both choices are *opinions*!
Actually, what was left out of the article is more damning to Torvalds than what was in the article. I just read the full commit log, and if anything, this part I would consider the most incriminating against him:
"If somebody actually finds a load where this matters, we'll need to revert this commit"
One would not want to revert a commit that is a security fix. And even Linus stated that once.
I'm friends with Jake, and have had many a beer with him discussing lots of topics. As I read this article, I could hear his opinion slipping into what he wrote. Maybe, it's just me. Jake's a good guy, but he also human (that's a strike against us all). I was just stating that this article seemed to have a little more opinion in it than in other articles.