Linux 2.4.24 Release Fixes Root Vulnerability
diegocgteleline.es writes "Linux Kernel 2.4.24 has been released and is available on kernel.org. It seems there's a bug in the mremap(2) system call, where a local user can get root privileges. The new version has been released only with the most important bugs fixed - the rest of the changes have been postponed (those changes include the XFS filesystem)."
I thought that everyone jumped to the 2.6.0 by now?
Oh wait, it's been 2 weeks already,
TIME FOR A RECOMPILE!!
do() || do_not();
Was this bug introduced in 2.4.23 or has it been in the 2.4 series all along ?
Was this one of the usual "inform, wait, release" cases, or is this one of those "oh crap! time for a fix!" cases.
In other words, should I, Joe Schmoe SysAdmin be afraid of the script kiddies yet?
Contact Me (got tired of viruses emailing me).
Users of their distribution's kernel should install upgrades when their distribution releases an update (should be soonish). Those who prefer stock kernels can grab patches from your local mirror or use my torrent (includes linux-2.4.24.tar.bz, pgp signature and 23->24 changelog).
I was just getting around to finally installing 2.4.23. All that work gone out the window.
Ignore the "p2p is theft" trolls, they're just uninformed
In this case, "-1, Flamebait" can be read as "The truth hurts, don't it?"
My experience with Linux is the same as the parent poster's: patching, patching, patching if you're up-to-date with the latest 2.x version, or running a kernel from 3 years ago if you prefer stability to tinkering.
This doesn't apply to me since I don't have Linux...yet. I plan to get a Knoppix cd, after all, it was on a PCFormat that came a while ago, if only I could find it. Although I know nothing about Linux, so some links to some beginner sites could be useful =\.
Also, is Linux more secure than Windows, because I hear a fair amount of Linux security holes more than Windows, or maybe I'm just not perceptive enough.
):
uname -a
I don't expect I'll be switching to 2.6 until May. The 2.6.1 release is very important to me as it includes a lot of patches previously rejected by Linus. I expect by May we'll have 2.6.3 at least and this kernel will be on its way to rock solid stability. As for now, 2.4 is in maintenance mode and will only be updated for bug fixes. This is great because it will replace the 2.2 kernel in this arena. But in this limbo we are in now, 2.4 is good enough for me.
Use Depenguinator on all the unpatched boxen! Let the revolution begin! >:)
#uname -a ...but I guess you are a troll...
patch -p1 < patch-2.4.24
make clean dep
make bzImage modules modules_install
Depending on your situation, configure your boot loader - grub or lilo - to recognize the new image.
AAAAAARGH!
It's XFS. NOT XFS Filesystem. I'm gonna do something illegal to the next person that says ATM machine, too.
...not only is there a fix already, but I didn't have to badger anyone to get it - it was announced! Off to emerge my new kernel... ;)
libertarianswag.com
For the Microsoft trolls to pick this one up.
Is this just more proof that Linux was built by amateurs? Or wait - I know - that Linux can't be trusted because the source code is open.
Now, for those who think I'm serious, think about it for a moment. Slashdot hypes up every single MS vulnerability as "proof" that MS systems are inherently insecure. And I wouldn't disagree that MS systems are insecure. But discovering a single (or a few) vulnerability doesn't make an OS insecure.
What it comes down to is vigilance and design. The numerous security holes in MS products are a result of bad design, not merely a mistake or two. And this is the big difference between this vulnerability - a mere isolated mistake - and Microsoft's complete lack of engineering which ensures that their software _will_ have security holes.
Okay, flame away Microsofties!
The society for a thought-free internet welcomes you.
unsubscribe linux-kernel
*thwack*
Ah, there goes my head on the ground...Whoops!
haha
2.6 seemed pretty good to me, except one thing: I play games like enemy territory and map times just kept getting longer and longer as I played. Only shutting down et and restarting solved it. On 2.4 the maps load at about 20-30 secs, in 2.6 it would start at that and keep getting longer, last map was over 2 minutes until I was disconnected from server.
I tried 2.6.1rc1 and with the -mm patch. Same thing. So now I'm back with 2.4.3. But in last few versions of the 2.4 series I get extreme slowdowns when using my psx pad on my lpt port. This worked fine in 2.6 and in much older kernels in the 2.4 series.
I was just looking at the gamecon.c file for 2.6 and comparing to 2.4 and noticed a PSX_DELAY value was different. I modified it to 2.6 value but same thing.
Anyone knowledgeable on this stuff tell me is it safe to use the gamecon.c from 2.6 for 2.4? Or why I would get these load times issues with 2.6?
Isn't that an oxymoron?
Well, it should be.
The coolest voice ever.
$ cat /proc/version
You confuse Linux community with Open Source community. OpenBSD is also opensource, but that doesn't mean he announced the local vulns out there that would allow any user to bring down your server. You had to complain on the obsd mailinglist and have someone send you a patch, which is really pretty sad.
Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
Actually, your W2KAS is probably still up because it's running some spammer's trojan, and spammers have no interest in making their trojans crash boxes - in fact, spammer viruses and trojans try to be as minimal and unobtrusive as possible, doing as little as possible to jeopardise system stability.
Ok, I know that I have read here that a few groups are making new updates for RedHat 7.3, but now I can't remember which story or groups. Anybody remember which story that was. As I recall one group was going to charge $5/machine and another was going to do it for free. I don't think that Fedora Legacy ever got around to supporting the old RedHat stuff, or did they?
[End of diatribe. We now return you to your regularly scheduled programming...] - Larry Wall in Configure from the perl
Practice makes perfect.
And the l33t shall inherit the 34r7h.
Oh yeah, and script-kiddies have no intentions of turning your unsecured RedHat box into an FTP dumpsite for warez, either? And you wouldn't notice a few extra 'ftpd' processes hogging CPU and bandwidth because they've trojaned your ps, top and other binaries so it's as unobtrusive as possible?
In addition, you can forget about it being some spammer's box. The Windows server is sitting behind a Cisco PIX firewall and the only services running on the machine are IIS FTP, file sharing and Active Directory. You also don't seem to be familiar with the group policy editor, something which no Linux tool can even touch when it comes to system security.
It's a Network Interface Card, or an Ethernet card, but it's not a freaking NIC Card...
Can you ping me now? Gooood! | Manhappenin.Net - Things to do
$ uname -r
it doesn't take that long for me, fixing windows actually takes longer comparatively
Was this how the various compromises this couple of months have occured?
I know the one where the normal user password was stolen and then they mysteriously got root. Was this it?
I wouldn't brag about running IIS FTP and file services on your AD box if I were you. That is if your FTP is accessible from the outside, you weren't clear :\
Possibly due to the fact that the last kernel fix was a week ago, or just that the patch is minor, or because RH is being kind to those of us who still have reasons to run RH 7.3 just yet, but look to RH for a kernel update if you need one for 7.x and 8 which are unsupported in 2004. Thanks RedHat. Saved me a panicked kernel decision. I desperately didn't want to return from a vacation to a timetable jump of a few weeks.
I am, and always will be, an idiot. Karma: Coma (mostly effected by
Uh, right. "make bzImage" actually takes a couple minutes on any decently fast computer. You don't need to rebuild all the modules, and even that will take much less than an hour unless you're running ancient hardware.
LOAD "SIG",8,1
http://transition.progeny.com/
this comment should break down the grandparent
If you don't like it, go to Microsoft. They have a long history of delaying patches and even not patching things!
Having written Windows software for years, I can tell that if local exploits ever become a concern for Windows (e.g. if Windows ever goes multiuser in a big way, where a local user may want to exploit the machine), almost every Windows application will have big problems with local exploits
...are pretty much only for convenience, that is to keep user settings and such separate among a group of mutually trusted users (like say, a family). There's not much in terms of real security.
That users created at install time default to admins with no passwords only goes to prove that even more. Which is fine, as long as a) no one unauthorized can get to the machine and b) all the users trust each other.
On the other hand, local exploits are a grave concern in many settings, say for example a university where each student has a local account. So they should by no means be taken lightly, even if they don't produce worms.
Kjella
Live today, because you never know what tomorrow brings
Does someone want to rewrite every syscall of the Linux kernel, because it seems very buggy these days :)
That's another good one for the department of redundancy department. (Hint: what does "et" mean?)
Constitutionally Correct
*ANY* exploit that involves the 'My Computer Zone' or similar is due to bad design. When the fundamental security design is screwed, you're stuck with either throwing it out entirely, or patching, patching, patching, patching as new ways around it are found.
RedHat Network has patches for RH 7.3. From the RHN Errata page : "We have provided kernel updates for Red Hat Linux 7.1-8.0 with this advisory as these were prepared by us prior to December 31 2003. Please note that Red Hat Linux 7.1, 7.2, 7.3, and 8.0 have reached their end of life for errata support and no further errata will be issued for those distributions."
In Linux you have to spend 4 hours recompiling your kernel for stuff like this.
In Windows, you just install a small binary patch that takes less than a minute.
A few months later when/if they get around to releasing the small binary patch. B-)
But there IS a real problem - at least as of the last version of RedHat I installed. (And I'm presuming the same is true with other "commercial-grade" distros, so somebody PLEASE let me know if there's one where this is NOT true.)
In Linux the commercial distributions make it easy to do an initial install - once. But the included documentation doesn't tell a newbie how to compile and install a new kernel. Or how to download a kernel patch (unless, MAYBE, if he figures out it might be needed and digs deep and hard for it).
With Red Hat:
- The install tools are all directed at getting him from bare (or windows-loaded) machine to login prompt.
- The phone support included with the distro (before the recent policy changes at least) stops when you get installed to where you have a login prompt.
- The admin tools are essentially all directed at tuning that initial install. (Exception is rpm - with some of the most convoluted manual pages I've seen in a long time. But even that leaves him in the same position as a Windows user - waiting for an RPM patch.)
Source included but NO documentation on how to build from source. The nicey-nice admin tools make it worse, by hiding what's going on from the user so he has NO clue what's going on behind the pretty GUIs.
I'll believe Linux is ready for prime-time when the distro documentation includes:
- A keystroke-by-keystroke walkthrough of applying a patch.
- A keystroke-by-keystroke walkthrough of building and installing a distribution-equivalent kernel from source (so the user has a trusted baseline from which to make ONLY the changes he intended).
- Explanations of the configuration-file twiddling done by the admin tools - broken down by GUI page.
Anything less leaves him in a position much like a windows user - dependent on the vendor or a consultant. Unable to make his own changes (beyond config-tool knob-twiddling) without a long learning process (much like becoming a MSCE) because any change he makes might shatter his configuration beyond his own ability to recover (short of a reinstall from scratch).
Yes, with Linux you can learn this stuff without having to go buy a monopoly's school supplies. But at least Microsoft understands that a user has other things to do than become a guru. Linux distro providers and hackers, on the other hand, seem to have forgotten the learning curve they climbed.
Linux is still in the model-T / hot-rodder stage. Versus, say, Microsoft, which has advanced to black-box engine control / recall and dealer-fix stage. (Except that the recalls are too few and too often not-free. Unlike the "big three" plus foreign competition, a dissatisfied customer can't dump the latest in a series of lemons and switch to a competitor's functionally-equivalent peach.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
I know the feeling it took me 6 hours to make this comment. It's so damn hard typing "make oldconfig" with only one finger ;-)
The title of the article says "Root Vulnerability"!
Anybody with any rudimentary knowledge knows that this is about the worst possible thing they could say. They did not even say "Local Root Vulnerability" which they could have.
Your smiley looks like Eddie Munster.
If it ain't broke... ...it is now.
Ahhahahahaha... that's FUNNY!
Looks like wget's output. Are you trolling or are you sincere?
Similar, but not quite as obviously redundant as the other examples cited.
Normally I just download the entire 25MB+ tar.bz2 file, copy my config over and then recompile. But this is pretty major waste of their bandwidth and my time. Can someone give me a quick 1, 2, 3, on patching my existing /usr/src/linux-2.4.23 directory to become 2.4.24? Or are there some kind of advantages to just doing it the way I've been doing it?
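The patch sequence posted earlier in the thread (patch -p1, make dep, bzImage, modules_install) and the question just asked about taking an existing /usr/src/linux-2.4.23 to 2.4.24 without re-downloading the tarball, worked into one script as an added example. This is not code from the thread or from kernel.org. It assumes GNU patch, bzip2 and gpg are installed, the kernel.org signing key is already in the keyring, and patch-2.4.24.bz2 plus its .sign file were fetched from a mirror; the version check is what stops the common mistake of applying patch-2.4.24 to anything other than a clean 2.4.23 tree.

```shell
#!/bin/sh
# Added example, not code from this thread or from kernel.org: bring an
# existing 2.4.23 tree to 2.4.24 with the incremental patch, checking the
# tree's version and the patch's PGP signature before touching anything.
# Assumptions: GNU patch, bzip2 and gpg are installed, the kernel.org
# signing key is in the keyring, and patch-2.4.24.bz2 plus
# patch-2.4.24.bz2.sign (detached signature over the compressed file, as
# kernel.org shipped them at the time) were fetched from a mirror.

# Print one variable's value from a kernel Makefile ("VERSION = 2" -> "2").
makefile_field() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1 \
        | sed 's/[[:space:]]*$//'
}

# "2.4.23", with EXTRAVERSION appended when it is non-empty.
kernel_version_from_makefile() {
    printf '%s.%s.%s%s\n' "$(makefile_field "$1" VERSION)" \
        "$(makefile_field "$1" PATCHLEVEL)" "$(makefile_field "$1" SUBLEVEL)" \
        "$(makefile_field "$1" EXTRAVERSION)"
}

# patch-2.4.N applies only to a clean 2.4.(N-1) tree; derive that from the name.
expected_source_for() {
    pv=$(basename "$1"); pv="${pv#patch-}"; pv="${pv%.bz2}"; pv="${pv%.gz}"
    printf '%s.%s\n' "${pv%.*}" "$(( ${pv##*.} - 1 ))"
}

# Refuse the wrong tree or a bad signature; dry-run before the real run so a
# rejected hunk cannot leave the tree half patched.
apply_kernel_patch() {
    src="$1"; pfile="$2"
    want=$(expected_source_for "$pfile")
    have=$(kernel_version_from_makefile "$src/Makefile")
    if [ "$have" != "$want" ]; then
        echo "tree is $have but $(basename "$pfile") needs $want" >&2
        return 1
    fi
    gpg --verify "$pfile.sign" "$pfile" || { echo "signature check failed" >&2; return 1; }
    bzcat "$pfile" | (cd "$src" && patch -p1 -s --dry-run) || return 1
    bzcat "$pfile" | (cd "$src" && patch -p1 -s)
}

# Reuse the old .config (make oldconfig only asks about new options), build
# the image and modules, install under a versioned name. Run as root.
build_kernel() {
    ver=$(kernel_version_from_makefile "$1/Makefile")
    (cd "$1" && make oldconfig && make dep && make clean \
        && make bzImage modules && make modules_install)
    cp "$1/arch/i386/boot/bzImage" "/boot/vmlinuz-$ver"
    cp "$1/System.map" "/boot/System.map-$ver"
    echo "installed /boot/vmlinuz-$ver; add it to lilo.conf (then run lilo) or grub's menu.lst"
}

if [ "${1:-}" = "--run" ]; then
    apply_kernel_patch /usr/src/linux-2.4.23 /usr/src/patch-2.4.24.bz2
    build_kernel /usr/src/linux-2.4.23
fi
```

Incremental patches only stack in order: a 2.4.21 tree needs patch-2.4.22, patch-2.4.23 and patch-2.4.24 applied one after another (or a fresh 2.4.24 tarball), so the version check above is not pedantry. The build half needs root for modules_install and /boot, and the bootloader still has to be pointed at the new image before rebooting.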
If the only changes from 2.4.23 to 2.4.24 were some "minor" bug fixes, why do I see such a big difference in the size of the kernel binary?
-rw-r--r-- 1 root root 667113 Dec 1 22:44 vmlinuz-2.4.23
-rw-r--r-- 1 root root 713946 Jan 5 18:53 vmlinuz-2.4.24
The story submission sounds pretty bad, but if you read the lkml email, it's actually pretty subtle. There's an obscure memory manager bug that requires some pretty serious finagling to be exploited.
May we never see th
The url contains an elf executable:
$ ls -l sys
-rw-rw-r-- 1 user user 17313 des 11 17:18 sys
$ file sys
sys: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.5, dynamically linked (uses shared libs), not stripped
$ strings sys
[..]
/dev/ptmx
/dev/pty
/dev/tty
socket
bind
listen
LameBD is starting..duh
OK, pid = %d
/dev/null
/tmp
HOME=%s
Can't fork pty, bye!
/bin/sh
Looks like something bad
I remember, back when the last ptrace bug was found, some kind soul created a kernel module that (a) renamed the current ptrace function to something else and (b) implemented a new wrapper function that first checked to see if you were root, before deciding whether to call the old ptrace. Slick!
I'm surprised this sort of workaround hasn't been done for other kernel bugs. It seems it wouldn't even have to be a workaround. A module could actually provide a new, repaired version of the buggy routine. Couldn't it?
I can imagine insmoding a list of "kernel-fix" modules at boot time. Then, every once in a while , I'd upgrade my machines to a new kernel, but without the urgency of getting a new kernel installed RIGHT NOW! to fix a small (code-wise) security problem.
...welcome our Depinguinator overlords!
Lin^H^H^HBSD User
I'm gonna do something illegal to the next person that says ATM machine, too.
What do you claim distinguishes "ATM" the cash machine from other meanings of "ATM" more easily than "ATM machine"?
Even so, "New Technology" is a name for that technology.
No. "Windows NT" is a trademark. The law recommends using trademarks and service marks as adjectives. Even if the mark consists of initials, one of which would expand to a generic term for the product (such as "FS" in "XFS" or "T" in "NT"), the law still recommends following the mark with a spelled-out the generic term.
poster faked his mod points!
Okay so is XP the Camry or a Camaro
but I didn't have to badger anyone to get it
True, but did you have to use a mushroom mushroom?
Well you couldn't call it the PI number, because that's 3.14159... and just think if everyone had to type pi in on the ATM keypad. They would be there all day. Or longer. Much longer. :)
Just FYI check out:
http://www.sleuthkit.org/index.php
http://ohiohtcia.org/linuxintro-1.8.1.pdf
Also do a cksum comparison with your distro's packages and whats on your filesystem.
I wrote many years ago (as did millions of other people) an ugly little perl script (that needs to be updated) to find SetUID files. Give it a try also:
http://www.jasonrexilius.com/code/find_suid.txt
You will want to add to it a recursive function or use the find command:
find / -type d -exec [theperlscript] {} \;
this is very slow obviously..
HTML rendering libraries are used throughout the OS(explorer, help,...), and these are part of IE
As you correctly recognize, when most Slashdot users refer to "IE", they refer to MSHTML.dll and its dependencies, not strictly to the 89 KB iexplore.exe shell. Most vulnerabilities "in IE" actually lie in MSHTML.dll or in one or more of its dependencies; hence the Windows Update warnings to the effect of "This affects you even if you don't use Internet Explorer as your primary web browser."
that doesn't make IE a part of the OS
Would you consider explorer.exe a part of the operating system? It uses MSHTML.dll. I claim that if a given program forms a "part of the operating system," then everything it depends on is also OS as well.
Also, is Linux more secure than Windows, because I hear a fair amount of Linux security holes more than Windows
Well, according to the Inquirer http://www.theinquirer.net/?article=13420 some Linux distros are WAY worse than Windoze. E.g. Debian GNU/Linux 3.0 with 186 vulns last year opposed to Windoze XP Home with 32
I find this very hard to believe, and haven't checked their sources yet, but it does look disturbing. Makes me wonder what comprises a "Linux" vuln vs a Windoze one?
This kernel received the codename: Angus; it should be refered to as "Kernel Angus," for example:
Daddy: Oh, watch out, Melinda! Once a woman is introduced to Kernel Angus, she'll settle for nothing less.
Melinda: Daddy, they say all the womenfolk just love Kernel Angus!
Daddy: Hmm.. I don't know why people make such a big fuss over Kernel Angus!
Miss Anabelle: I myself never much cared for Kernel Angus! He rubs me the wrong way. I'm not sure why.. can't put my finger on it..
Daddy: Kernel Angus is an acquired taste! Bedelia!
Props to Tina Fey for writing this great SNL skit.
(BTW, It's easier to catch the joke if you read it out loud...)
So if I was worried enough to set a root password on my linux box, I would be worried enough to use this patch right?
--"It's Bradford Company, slash your last name, dot your first name"
Moin,
I just checked the Yast Online Update and there is already a fixed kernel for SuSe 8.2! Woa! I hope this time I don't need to re-install the Nvidia drivers....
Cheers,
Tels
Hello pot, this is kettle. You're black.
Redhat just killed Redhat 7.3 support too!
This space is not for rent.
I've already posted in this thread, or I'd mod this one up myself. This answers a debate we were having at work about errata being released after the EOL date.
Isn't there a workaround besides reinstalling a new kernel?
2 local (= almost remote) roots in the kernel in 3 months isn't good. Guess the OpenBSD paranoia isn't that bad after all.
Available here.
Maybe you had a PHP page that passes input from the URL to the 'include' PHP function? It's an "easy" way to exploit, since you can pass a URL to another PHP script to it and PHP will grab that file and execute it. This might have been used to download a file with wget (executed with PHP, which is why the wget's output is in the apache log) and then execute it, and the binary probably used some local root exploit to gain root privileges for the apache user.
;)
I have had a few attempts like that on my server (this for example, no idea what it does), but I was prepared with a syntax check for the variable passed to include and it didn't work
This is not flamebait, but a very valid argument many people use against linux.
The point it fails to realize though is that with Linux, a patch comes out for every exploit almost instantaneously, and anyone is able to patch it. With Windows, one has to wait for MS to come around to patching it, since they are the only ones that decide what is worth patching and when.
A windows patch may happen tomorrow, next week, next month, or may not happen at all!
A Linux patch, if important, will be released almost instantaneously, and if not, you can patch it all by yourself if you like.
What was actually the change? that way I can merge it into 2.4.21
(upgrading to 2.4.24 ain't an option for me: the UPS-software stopped working after version 2.4.22)
www.vanheusden.com - home of Multitail, HTTPing, CoffeeSaint, EntropyBroker, rsstail, bsod, listener, nagcon, nagi
That's an interesting idea - you can have any PIN you want, as long as it's a substring of Pi. If you don't want someone stealing your code, learn more numbers! Plus, having people memorize long sequences of random numbers would have the obvious benefit of, um, uhh... well, it wouldn't be much different than what we have now, anyway.
Haida Manga
or the apt or similar stuff.
I be gettin' mah cash money from the ATM machine, biznatch.
Here is a great little utility which makes building new kernels easy. It automates the process of downloading and applying patches, and can be easily configured to build a new kernel reusing your previous kernel config selections. Makes the download/patch/recompile process about as seamless as it gets, especially if you have a static kernel config.
Intelligent Life on Earth
Proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access. Proof-of-concept exploit code has been created and successfully tested giving UID 0 shell on vulnerable systems.
Awwwww yeaaahhh....
Yes, I really did get rooted. I'm running Debian, and I suddenly started getting console messages from syslog with just blank lines. It had been up for around 150 days, so I figured it was getting flaky and I'd do an apt-get upgrade and reboot. I tried that, but I got access denied messages (as root), some other stuff broke (like netstat would only segfault), did some more research, and chkrootkit found "t0rn v8"... I did a complete backup of the system and reinstalled (so I can look at the backup to figure out what happened). I do hope I can figure out how they got in so I can prevent it in the future.
FAT Table is one I used to hear a lot
What I want to know is when 2.0.40 will be released. rc6 has been out for over 18 months...
I wrote many years ago an ugly little perl script to find SetUID files.
Perl idiocy strikes again.
I mean, why learn how to properly admin the OS when you can waste time writing a Perl script instead?
Hint: typing 'find / -perm -4000' will show you all of the SUID files on your system.
You mean that a company living off selling support, is prodding their customers towards downloading new kernels from their support?
Seriously though, apart from here on slashdot I think the distros have updated patches before 99.9% of the users compiling from source. So unless you absolutely want to dick around with your own kernel, what's the big point?
To have thousands of Linux admins, running the same distro, all compiling the same kernel on thousands of machines is not "prime-time". It's a wasteful and futile duplication of effort.
When I upgraded to this kernel version, gkrellm stopped working. Did anyone else experience the same thing, or is it something unique to me?
The debug information is incredibly unhelpful. It hangs here forever (at least until I ^C it...)
bash-2.05b$ gkrellm -w -d 3
--- GKrellM 2.1.24 ---
diskstats=0 partition_stats=0 sysfs_stats=0
What's that everyone says about having so many eyes on the code? Looks like they may need to add a few more eyes.
Manipulate the moderator system! Mod someone as "overrated" today.
is this what got those debian ftp server(s?) a while back?
Arrgh! Not more people who just count the number of vulnerabilities! I just skimmed that article, but it looks like crap to me. Standard Microsoft trolling, nothing else.
Don't listen to anyone who claims something is more secure based on the number of vulnerabilities. I bet if you look at all the "vulnerabilities" counted for Debian, most of them were for crap you'll never use (they seem to have every single little open source project ever made) or something stupid like "users can manipulate the high score file of some lame obscure video game." You have to look at what the vulnerabilities are.
You should also take into consideration whether or not the organization in charge will disclose all vulnerabilities they know about. Debian is very open, they probably couldn't keep such things a secret if they wanted to. Also, I think Debian has far more packages than any other Linux distro (certainly far more software than MS ever put out), so obviously they are going to discover more problems.
When I hear someone say a MS product is more secure than anything, my bullshit meter flies off the dial. Maybe something written by a ten year old script-kiddie... or something deliberately botched. I buy the statement something made by IBM or HP would be more secure (especially considering those projects are probably more mature), though obviously anything written by that reporter can't be trusted, and merely listing the number of disclosed vulnerabilities doesn't mean anything.
This is total crap (emphasis mine):
Does this guy know what assembly language is???? It doesn't have any sort of bounds or type checking at all---well unless it is built into the processor design (I am not familiar with mainframe CPUs), and if it is, a C compiler written for that processor will most certainly use those features too.
Also, looking at the table, they included OS 9. Does that version even have a filesystem permission system or a concept of users? Why don't they just include Win98 too. That's like saying "the building uses empty frames instead of doors. We didn't find any problems with the locks, therefore the building must be secure."
to find setuid files, try using 'find'
the following finds all setuid or setgid files in /usr/bin (on my laptop, which I haven't hardened much yet)
[dave@scallop dave]$ find /usr/bin -perm +6000 -print
/usr/bin/chsh
/usr/bin/rcp
/usr/bin/rsh
/usr/bin/chfn
/usr/bin/sudo
...
:)
Then Microsoft announced plans to make the data files of its flagship applications executable.
They were warned. Security experts warned that this crazy innovation would allow vandals to infect Word files and to infect e-mail.
Microsoft ignored the warnings. And it wasn't long before the first Word macro viruses were seen in the wild. But, in the end, the e-mail viruses, that raided your address book, turned out to be much more expensive.
Why?
Why would a corporation with the public interest at heart introduce a suite of programs with such a fundamental design flaw?
Some wise man counselled, "Never attribute to malice that which can be explained by incompetence." I used to think that this bad design could be explained by incompetence on Microsoft's executive floor.
About a year ago I started to wonder about this. Gates and Ballmer started talking about security. Palladium . The Trusted Computing Platform. When I read about these schemes I realized that the explanation for Microsoft's terrible design choices could be part of a deep game. Make the internet an insecure place in the mid nineties? Reap the rewards by getting your victims^H^H^H^H^H^H^Hcustomers to welcome allowing you draconian control over their computers in the mid 00s?
http://www.securitytracker.com/alerts/2003/Dec/1008386.html
Awesome co-inkydink.
-- Karma whore? You betcha. --
Server has been up for 150 days, was hacked, and you wonder how they came in? Wow.
Now this is how you can prevent it in the future: how about upgrading the kernel every time they release a security patch? You wouldn't have a 150 day uptime if you did that.
I would recommend choosing a serious distribution like Debian or Suse, use just the packages - do not compile anything that you do not really need, subscribe to the mailing list and UPDATE THE SYSTEM every time an update is released. Howgh.
It was actually a function called as part of a larger script where after it found the SUID files it did a number of other things.
In short it isn't perl idiocy but a small part of a larger piece of logic that was just less efficient to code in bash or ksh.
So relax and get off your soap box.
Yeah, that is the simple way ;-) The original script was actually just a subroutine that was called as part of a bunch of other stuff (like comparing cksums off of a known source CDROM, generating a list of differences, etc.). I referenced that script for the guy so he could get started developing something for himself. Better to teach someone to fish as they say..
Those who sacrifice security to condemn liberty deserve to repeat history or something. - Benjamin Santayana
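The setuid inventory discussed in this subthread (the perl script, the find -perm one-liners, and the idea of comparing against a known-good source), as an added example that is not any poster's code. It records path, mode, owner and group of every setuid/setgid file, so a binary that was re-chmodded or re-owned shows up as well as a new one, and diffs the result against a baseline. It assumes a find that accepts "-perm -MODE" (all listed bits set), which GNU and BSD find both do; the --baseline and --check flags are this script's own invention.

```shell
#!/bin/sh
# Added example, not the thread's perl script: inventory setuid/setgid files
# and diff the inventory against a baseline saved while the box was known
# good. Assumes find understands "-perm -MODE" (GNU and BSD find do).
LC_ALL=C; export LC_ALL   # stable sort order so comm sees both files the same way

# Sorted list of regular files with the setuid or setgid bit set, staying on
# one filesystem (-xdev keeps it off /proc and NFS mounts).
list_setid_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sort
}

# One line per file: "path mode owner group", sorted, suitable for diffing.
setid_manifest() {
    list_setid_files "$1" | while IFS= read -r f; do
        # ls -ld fields: mode links owner group size ... name
        printf '%s %s\n' "$f" "$(ls -ld "$f" | awk '{print $1, $3, $4}')"
    done | sort
}

# Diff the live manifest against a saved one. Prints "+ line" for new or
# changed entries and "- line" for entries that went away (a changed mode
# shows as one of each); returns 1 if anything differs, 0 on a clean match.
compare_setid_manifest() {
    baseline="$1"; root="$2"
    current=$(mktemp)
    setid_manifest "$root" > "$current"
    added=$(comm -13 "$baseline" "$current")
    removed=$(comm -23 "$baseline" "$current")
    rm -f "$current"
    if [ -z "$added" ] && [ -z "$removed" ]; then
        return 0
    fi
    if [ -n "$added" ]; then printf '%s\n' "$added" | sed 's/^/+ /'; fi
    if [ -n "$removed" ]; then printf '%s\n' "$removed" | sed 's/^/- /'; fi
    return 1
}

if [ "${1:-}" = "--baseline" ]; then
    setid_manifest "${2:-/}"          # redirect this to somewhere read-only
elif [ "${1:-}" = "--check" ]; then
    compare_setid_manifest "$2" "${3:-/}"
fi
```

Take the baseline from a fresh install or from rescue media and keep it off the machine. A rootkit of the kind mentioned earlier in the thread replaces ps, netstat and similar binaries, so find and ls on a compromised box can lie too; for anything beyond a routine check, boot from known-good media (the sleuthkit link above is the right direction) and run this against the mounted disk.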
Okay... but you're preaching to the choir here. Ever heard of the TCP/IP Protocol? 6 words in the acronym, 3 of them are "protocol".
Anyone is able to patch it who knows that the bug exists. Of course this requires all linux users to subscribe to security advisories or regularly check for new vulnerabilities. Then they need to have learnt how to merge the patched code and compile the kernel. Somehow I see this as a problem for my 80 year old grandmother, but she is quite capable of saying "Yes" when her Windows XP machine tells her she needs to let it update itself.
How much time do you spend checking for new problems in your OS and all the rest of your software? Wouldn't that be time better spent working or doing something fun? Of course you probably are such a sad case that patching your kernel IS fun, in which case knock yourself out, but stop looking down your nose at those that actually choose to have a life.
You can't win Darth. If you mod me down, I shall become more powerful than you could possibly imagine
From the article: "An incorrect bound check discovered inside the do_mremap() kernel code performing remapping of a virtual memory area may lead to creation of a virtual memory area of 0 bytes length."
From the newly released 2.6.1-rc2 Changelog: " Don't allow mremap of zero-sized areas."
Actually, this is wrong. Microsoft's goal is to make money - they could care less about their customers. If you don't believe this, try reading their EULAs some time.
#1 many linux distros patch themselves also, just as easily as windows.
if you are a sysadmin and have to worry about security being exploited during the time MS is patching, the advantage linux brings is obvious
OK that's fine if your job is looking after a network. You have the time, knowledge and motivation to stay up to date. On the desktop is a different story however. Most users just don't bother. The sad truth is that even a programmer I know who ought to know better still uses Win95 at home and if they can't be persuaded to make sure their PCs are secure who can be? Personally I don't understand linux or bsd or whatever. I'm a programmer with 5+ years development on windows plus some time on VMS but I've never had the time or reason to get to know linux or BSD. I tried once and gave up after a few weeks because I couldn't get it to be stable. I was trying to customise stuff and configure it, and to be honest I was probably making a real mess. The problem with linux is that if you don't know what you are doing but have to try and admin your system you can very quickly start to feel totally overwhelmed with little or no help at hand. No good games, bad development environments compared to Visual C++, and frustratingly confusing file system model for someone who has really only known windows. I can't think of any reason why I would now choose to run linux as my primary desktop OS. On a server or firewall, yes maybe, but more likely I'd run a BSD, but until I have the need for a separate server or firewall at home, I'll be sticking to XP, secure in the knowledge that as long as I run a software firewall, anti-virus software, keep up to date with patches, use firebird instead of IE and am moderately sensible, the chances of my system being hacked are pretty minimal.
that i can agree with. but linux is moving towards there also.