* Re: [parisc-linux] Security Hole in binfmt_som.c ?
[not found] <3F509BBD.2040007@hrzpub.tu-darmstadt.de>
@ 2003-08-30 13:15 ` Matthew Wilcox
2003-08-30 13:49 ` Alan Cox
0 siblings, 1 reply; 5+ messages in thread
From: Matthew Wilcox @ 2003-08-30 13:15 UTC (permalink / raw)
To: Ruediger Scholz; +Cc: parisc-linux, linux-kernel
On Sat, Aug 30, 2003 at 02:42:37PM +0200, Ruediger Scholz wrote:
> binfmt_som.c:216:2: #error "Fix security hole before enabling me"
> What's this message about?
I don't know. I wish someone would tell me. You'd think they'd have the
decency to contact the person listed as the author at the top of the file.
--
"It's not Hollywood. War is real, war is primarily not about defeat or
victory, it is about death. I've seen thousands and thousands of dead bodies.
Do you think I want to have an academic debate on this subject?" -- Robert Fisk
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [parisc-linux] Security Hole in binfmt_som.c ?
2003-08-30 13:15 ` [parisc-linux] Security Hole in binfmt_som.c ? Matthew Wilcox
@ 2003-08-30 13:49 ` Alan Cox
2003-08-30 13:59 ` Matthew Wilcox
2003-09-01 8:00 ` Joel Soete
0 siblings, 2 replies; 5+ messages in thread
From: Alan Cox @ 2003-08-30 13:49 UTC (permalink / raw)
To: Matthew Wilcox; +Cc: Ruediger Scholz, parisc-linux, Linux Kernel Mailing List
On Sad, 2003-08-30 at 14:15, Matthew Wilcox wrote:
> On Sat, Aug 30, 2003 at 02:42:37PM +0200, Ruediger Scholz wrote:
> > binfmt_som.c:216:2: #error "Fix security hole before enabling me"
> > What's this message about?
>
> I don't know. I wish someone would tell me. You'd think they'd have the
> decency to contact the person listed as the author at the top of the file.
Actually explanations were posted in the previous discussion on this on
parisc-list.
Someone has to do the equivalent of the 2.4.22 binfmt_elf changes if
neccessary so that another thread can't change the file handles or
steal the exec fd being passed to the loader.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [parisc-linux] Security Hole in binfmt_som.c ?
2003-08-30 13:49 ` Alan Cox
@ 2003-08-30 13:59 ` Matthew Wilcox
2003-08-30 23:33 ` Alan Cox
2003-09-01 8:00 ` Joel Soete
1 sibling, 1 reply; 5+ messages in thread
From: Matthew Wilcox @ 2003-08-30 13:59 UTC (permalink / raw)
To: Alan Cox
Cc: Matthew Wilcox, Ruediger Scholz, parisc-linux, Linux Kernel Mailing List
On Sat, Aug 30, 2003 at 02:49:50PM +0100, Alan Cox wrote:
> On Sad, 2003-08-30 at 14:15, Matthew Wilcox wrote:
> > On Sat, Aug 30, 2003 at 02:42:37PM +0200, Ruediger Scholz wrote:
> > > binfmt_som.c:216:2: #error "Fix security hole before enabling me"
> > > What's this message about?
> >
> > I don't know. I wish someone would tell me. You'd think they'd have the
> > decency to contact the person listed as the author at the top of the file.
>
> Actually explanations were posted in the previous discussion on this on
> parisc-list.
Um, I can't find it, and neither can Google:
http://www.google.com/search?q=binfmt_som+security&as_q=%5Bparisc-linux&btnG=Google+Search&as_sitesearch=lists.parisc-linux.org
> Someone has to do the equivalent of the 2.4.22 binfmt_elf changes if
> neccessary so that another thread can't change the file handles or
> steal the exec fd being passed to the loader.
Hm, ok, I'll take a look later this weekend if no-one gets to it first.
--
"It's not Hollywood. War is real, war is primarily not about defeat or
victory, it is about death. I've seen thousands and thousands of dead bodies.
Do you think I want to have an academic debate on this subject?" -- Robert Fisk
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [parisc-linux] Security Hole in binfmt_som.c ?
2003-08-30 13:59 ` Matthew Wilcox
@ 2003-08-30 23:33 ` Alan Cox
0 siblings, 0 replies; 5+ messages in thread
From: Alan Cox @ 2003-08-30 23:33 UTC (permalink / raw)
To: Matthew Wilcox; +Cc: Ruediger Scholz, parisc-linux, Linux Kernel Mailing List
On Sad, 2003-08-30 at 14:59, Matthew Wilcox wrote:
> Um, I can't find it, and neither can Google:
> http://www.google.com/search?q=binfmt_som+security&as_q=%5Bparisc-linux&btnG=Google+Search&as_sitesearch=lists.parisc-linux.org
Humm I thought it was on this list. Maybe lkml then
Whatever the basic problem is we have kernel loaders and
user threads sharing a file table unsafely
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [parisc-linux] Security Hole in binfmt_som.c ?
2003-08-30 13:49 ` Alan Cox
2003-08-30 13:59 ` Matthew Wilcox
@ 2003-09-01 8:00 ` Joel Soete
1 sibling, 0 replies; 5+ messages in thread
From: Joel Soete @ 2003-09-01 8:00 UTC (permalink / raw)
To: Alan Cox
Cc: Matthew Wilcox, Ruediger Scholz, parisc-linux, Linux Kernel Mailing List
Alan Cox wrote:
>On Sad, 2003-08-30 at 14:15, Matthew Wilcox wrote:
>
>
>>On Sat, Aug 30, 2003 at 02:42:37PM +0200, Ruediger Scholz wrote:
>>
>>
>>>binfmt_som.c:216:2: #error "Fix security hole before enabling me"
>>>What's this message about?
>>>
>>>
>>I don't know. I wish someone would tell me. You'd think they'd have the
>>decency to contact the person listed as the author at the top of the file.
>>
>>
>
>Actually explanations were posted in the previous discussion on this on
>parisc-list.
>
>Someone has to do the equivalent of the 2.4.22 binfmt_elf changes if
>neccessary so that another thread can't change the file handles or
>steal the exec fd being passed to the loader.
>
>
>
Yes Alan, it was:
<http://lists.parisc-linux.org/pipermail/parisc-linux/2003-July/020386.html>
Sorry Willy I trusted that you read it (My bad next time I will advise
you directly)
Joel
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2003-09-01 8:00 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <3F509BBD.2040007@hrzpub.tu-darmstadt.de>
2003-08-30 13:15 ` [parisc-linux] Security Hole in binfmt_som.c ? Matthew Wilcox
2003-08-30 13:49 ` Alan Cox
2003-08-30 13:59 ` Matthew Wilcox
2003-08-30 23:33 ` Alan Cox
2003-09-01 8:00 ` Joel Soete
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).