Re: RFC: security fixes to stable kernels

Erik Corry (erik@arbat.com)
Thu, 9 Jul 1998 17:41:49 +0200


On Thu, Jul 09, 1998 at 04:15:10PM +0100, Alan Cox wrote:
> Erik wrote:
> > And it's still not out.
> >
> > I'd like to support the first suggestion. If the 34-35 patch
> > was a three-liner, then it would be out by now. As it is,
>
> It isn't a three-liner.

--- fcntl.c Tue Jun 30 02:03:34 1998
+++ fcntl.c Tue Jun 30 02:03:52 1998
@@ -134,7 +134,7 @@
match = -p->pgrp;
if (pid != match)
continue;
- if (!euid &&
+ if (euid &&
(euid ^ p->suid) && (euid ^ p->uid) &&
(uid ^ p->suid) && (uid ^ p->uid))
continue;
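Review bot: The `if (euid &&` line now means a sender with euid 0 is never skipped by the uid/suid comparison, but nothing in the code states that intent, and the defect being fixed was a single inverted `!` on this same line. A short comment above the condition saying that only non-root senders are subject to the match, and writing the four `^` tests as `!=`, would make a future inversion much easier to catch in review.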
(2.1.107)
--- fcntl.c Tue Jun 30 02:00:08 1998
+++ fcntl.c Tue Jun 30 02:00:38 1998
@@ -191,7 +191,7 @@
match = -p->pgrp;
if (pid != match)
continue;
- if (!euid &&
+ if (euid &&
(euid ^ p->suid) && (euid ^ p->uid) &&
(uid ^ p->suid) && (uid ^ p->uid))
continue;
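Review bot: The `---`/`+++` headers name a bare `fcntl.c` with no directory component, and the only version label, `(2.1.107)`, sits between the two patches, so it is not clear from the patch text alone which tree each hunk targets or from which directory it should be applied. Generating each diff from the top of its source tree, with the kernel version in the path, would remove the ambiguity. The condition change at line 191 is otherwise identical to the one at line 134.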

It's a two-liner.

> It's about 2/3rds of the code which is changed
> apart from the clearly separated add-on items.

That's exactly why this fix should be the only thing in 2.0.35.

> And it's several fixes, one
> of which isn't released in a 2.0.35 beta yet because it was found after
> pre5 and I'm still testing it and that does need to be in .35 proper.

Well, AFAIKS, your other security hole isn't as well
known as the SIGIO issue, so leaving it to .36 seems
reasonable. A 35 release like the above wouldn't delay
the next real release.

-- 
Erik Corry
