A nasty local kernel vulnerability
Posted Feb 27, 2013 11:12 UTC (Wed) by khim
In reply to: A nasty local kernel vulnerability
Parent article: A nasty local kernel vulnerability
If I understand the earlier discussion correctly, the PoC exploit doesn't automatically determine the offsets, but other code exists to do that.
Yes, that's true, but can you glean this information from summarily unhelpful looks like you shouldn't be giving out advices (i thought you'd learned that in the past already ;). reading the actual exploit (never mind the posted output) would help explain why it didn't work on the 3.8 kernel message?
Yes, message is 100% correct, but as we now know thread opener already knew just why exploit does not work — but he probably had no idea if there are exist code which can automatically find offsets or not. And instead of giving him the useful information the only thing message contained is sneers.
As per your comment earlier, it's still not a massive problem for many specific entities, even if it's still a significant problem for the general internet eco-system (giving bad people control of things to use as staging posts for further bad stuff, etc.).
Right, but can you ever find this information (the only information interesting for average LWN reader) in PaX && Brad opuses? Nope. But you'll find plenty of riddles and endless hubris in them. Not a good way to attract people's attention, really.
to post comments)