Linux 2.4.24 Release Fixes Root Vulnerability

← Back to Stories (view on slashdot.org)

Linux 2.4.24 Release Fixes Root Vulnerability

Posted by simoniker on Monday January 5, 2004 @05:11AM from the version-plus-plus dept.

diegocgteleline.es writes "Linux Kernel 2.4.24 has been released and is available on kernel.org. It seems there's a bug in the mremap(2) system call, where a local user can get root privileges.The new version has been released only with the most important bugs fixed - the rest of the changes have been postponed (those changes include the XFS filesystem)."

10 of 436 comments (clear)

Min score:

Reason:

Sort:

Can't Wait! by gillbates · 2004-01-05 05:22 · Score: 3, Insightful

For the Microsoft trolls to pick this one up.

Is this just more proof that Linux was built by amateurs? Or wait - I know - that Linux can't be trusted because the source code is open.

Now, for those who think I'm serious, think about it for a moment. Slashdot hypes up every single MS vulnerability as "proof" that MS systems are inherently insecure. And I wouldn't disagree that MS systems are insecure. But discovering a single (or a few) vulnerability doesn't make an OS insecure.

What it comes down to is vigilance and design. The numerous security holes in MS products are a result of bad design, not merely a mistake or two. And this is the big difference between this vulnerability - a mere isolated mistake - and Microsoft's complete lack of engineering which ensures that their software _will_ have security holes.

Okay, flame away Microsofties!

--
The society for a thought-free internet welcomes you.
1. Re:Can't Wait! by TWX · 2004-01-05 05:27 · Score: 3, Insightful
  
  Not only that, but Open Source/Linux tends to state specifically what the problem is, where to see it, and what the exact fix as code is, versus just relying on some international megacorporation to release a binary-only patch that one has to trust doesn't contain any more report-ware or additional bugs.
  
  Even with Linux's problems, I'll take it any day over MS OSes. At least Linux developers are honest about their mistakes.
  
  --
  Do not look into laser with remaining eye.
2. Re:Can't Wait! by pballsim · 2004-01-05 05:39 · Score: 3, Insightful
  
  Personally I believe this shows that people are making the software and people make mistakes. Some mistakes are more stupid than others.
  
  I remember an exploit in the apache code that when they received an image that was bigger then there buffered they doubled the size of the buffer (ONCE!). (This was in November, not sure if they fixed it).
  
  I think this should just make the Linux and Microsoft and whatever communities be more humble and stop some of these flame wars.
  
  Linux/Unix/Microsoft all have their advantages and disadvantages. Both have great programming and weak programming. They all strive for the same goal, to make it easier for users to use computers. Linux/Unix was originally designed for programmers, Microsoft was originally designed for business people. They both are working on going to the other side.
3. Re:Can't Wait! by NanoGator · 2004-01-05 06:24 · Score: 3, Insightful
  
  "Is this just more proof that Linux was built by amateurs? Or wait - I know - that Linux can't be trusted because the source code is open... Now, for those who think I'm serious, think about it for a moment. Slashdot hypes up every single MS vulnerability as "proof" that MS systems are inherently insecure. And I wouldn't disagree that MS systems are insecure. But discovering a single (or a few) vulnerability doesn't make an OS insecure."
  
  So doesn't it stand to reason then that the 'Microsoft Trolls' are simply giving you a taste of your own medicine? If Slashdot weren't out to sensationalize Microsoft at every turn, you wouldn't have to deal with 'Microsofties' forcing you to eat a bit of humble pie when these things come along.
  
  In short: People in glass houses...
  
  --
  "Derp de derp."
Re:XFS Filesystem by SirCrashALot · 2004-01-05 05:35 · Score: 3, Insightful

XFS is also the X font server.....
Re:In Linux... by Nasarius · 2004-01-05 05:46 · Score: 3, Insightful

Uh, right. "make bzImage" actually takes a couple minutes on any decently fast computer. You don't need to rebuild all the modules, and even that will take much less than an hour unless you're running ancient hardware.

--
LOAD "SIG",8,1
Re:Well... by RoLi · 2004-01-05 05:46 · Score: 4, Insightful

Holes like elevation of privileges (like this one) cannot be used by worms since they work only when you already have access to the system. So while these bugs are bad enough, they are still not nearly as bad as the Win-RPC, or the bugs that allowed Nimda, CodeRed etc. to exist.
Even the multi-user functions of today... by Kjella · 2004-01-05 06:02 · Score: 4, Insightful

Having written Windows software for years, I can tell that if local exploits ever become a concern for Windows (e.g. if Windows ever goes multiuser in a big way, where a local user may want to exploit the machine), almost every Windows application will have big problems with local exploits

...are pretty much only for convienience, that is to keep user settings and such separate among a group of mutually trusted users (like say, a family). There's not much in terms of real security.

That users created at install time default to admins with no passwords only goes to prove that even more. Which is fine, as long as a) noone unauthorized can get to the machine and b) all the users trust eachother.

On the other hand, local exploits are a grave concern in many settings, say for example a university where each student has a local account. So they should by no means be taken lightly, even if they don't produce worms.

Kjella

--
Live today, because you never know what tomorrow brings
Re:Mod parent back up please by Zapman · 2004-01-05 07:04 · Score: 3, Insightful

Software is written by humans, and humans make errors, so software has bugs.

All software.

The sysadmin motto (abridged) is 'all software sucks, all hardware sucks'

I just looked through the bugtraq archives, and found 3 local root exploits for OpenBSD in the year 2003. That's the same class of problem as was found in Linux.

Security is a mindset, and a practice. It's not a platform.

--
Zapman
Re:Argh, just finished 2.4.23 went back from 2.6 by Per+Wigren · 2004-01-05 07:33 · Score: 3, Insightful

$ man nice

On kernel 2.4 and earlier, you usually gave the X-server a negative nice-value to give it higher priority which lead to somewhat better responsivness. But the 2.6-kernel has a new rewritten scheduler (?) that detects if the process is interactive or not and handle them differently to make interactive apps more responsive while giving non-interactive apps more throughput. By renicing the X-server you foul the kernel to not make use of this and thus get a much less responsive X desktop.
If you just compiled and installed the 2.6 kernel on a 2.4 distro that is not 2.6-ready you'll have to mock with the X startup-scripts to remove the nice/renice-stuff to make use of the great 2.6 desktop-features.

--
My other account has a 3-digit UID.