Re: [security] Big problem on 2.0.x? (fwd)

Mike A. Harris (mharris@meteng.on.ca)
Wed, 15 Dec 1999 00:53:16 -0500 (EST)


On Mon, 13 Dec 1999, Daniel Ryde wrote:

>Hello ppl.
>
>
>Last week i was playing with my old linux 2.0.36 i486 box, while i was playing with the command ping and trying combinations of commands
>i found that when u do a ping -s 65468 -R ANYIPADDRESS ( -R record route) the system starts to print on the screen kernel dumps
>, freezes complitely and after few secconds the system reboots.
>
>The major problem with this (if this is a bug, because i dont have time to install differents kernels and test it better) is that command can be run by everyone
>because you dont need root permissions to make a -R.
>
>I tested this on a 2.0.35 and .36 (both slackware), when u try to do this on a 2.2.x the system prints out "message too long".
>I think the problem is that there is a size-check missed when u reach the maximun packet size and u put the route information, but anyway
>i am not a guru on kernels.
>
>So, now is time for the kernel experts :)

chmod u-s ping

I doubt you'll see a 2.0.39 kernel come out the doors. Alan is
maintaining 2.2.x right now, and looks like 2.3 is entering code
freeze, so 2.4 will be out in a few months. The likelyhood of
anyone maintaining 2.0.x is slim, or at best - slow.

Also, if you are using a patched kernel with ANY external
patches, it is unlikely anyone will care much about any problems
that you have, except perhaps the authors of the patches. If you
can replicate any problems on a stock kernel, you may get some
answers though.

Good luck!
TTYL

--
Mike A. Harris                                     Linux advocate     
Computer Consultant                                  GNU advocate  
Capslock Consulting                          Open Source advocate

Join the FreeMWare project - the goal to produce a FREE program in which you can run Windows 95/98/NT, and other operating systems.

http://www.freemware.org

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/