Re: [stable] Re: Linux 2.6.17.4

From: Greg KH
Date: Thu Jul 06 2006 - 19:56:38 EST

Next message: Greg KH: "Re: Implement class_device_update_dev() function"
Previous message: Chase Venters: "Re: Linux 2.6.17.4"
In reply to: Chase Venters: "Re: Linux 2.6.17.4"
Next in thread: Marcel Holtmann: "Re: Linux 2.6.17.4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 06, 2006 at 06:24:23PM -0500, Chase Venters wrote:
> On Thursday 06 July 2006 17:28, Greg KH wrote:
> > case PR_SET_DUMPABLE:
> > - if (arg2 < 0 || arg2 > 2) {
> > + if (arg2 < 0 || arg2 > 1) {
> > error = -EINVAL;
> > break;
> > }
>
> Am I staring at this crooked, or not looking deep enough? My manual page for
> prctl says 2 is valid there. Specifically:
>
> Since kernel 2.6.13, the value 2 is also permitted; this causes
> any binary which normally would not be dumped to be dumped read-
> able by root only. (See also the description of
> /proc/sys/fs/suid_dumpable in proc(5).)
>
> ...has something changed, and my manpages don't reflect it? Did I miss a
> conversation about this?

Please refer to the CVE number for details.

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "Re: Implement class_device_update_dev() function"
Previous message: Chase Venters: "Re: Linux 2.6.17.4"
In reply to: Chase Venters: "Re: Linux 2.6.17.4"
Next in thread: Marcel Holtmann: "Re: Linux 2.6.17.4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]