Slashdot Mirror
Local Root Exploit in Linux 2.4 and 2.6
Anonymous Coattails writes "Summary from the advisory: 'Locally exploitable flaws have been found in the Linux binary format loaders' uselib() functions that allow local users to gain root privileges.'"
← Back to Stories (view on slashdot.org)
Why is it every nearly Linux flaw is locally exploitable, where as every nearly every Windows flaw is remotely exploitable?
Maybe Microsoft figures most companies already do a good job of securing their physical servers...
*awaits justifications and explanations of why this is nothing like Microsoft*
Does this exploit run Linux?
Read down to the Credits on the link and you see this line:
Credits:
========
Paul Starzetz has identified the vulnerability and
performed further research. COPYING, DISTRIBUTION, AND MODIFICATION OF
INFORMATION PRESENTED HERE IS ALLOWED ONLY WITH EXPRESS PERMISSION OF
ONE OF THE AUTHORS.
Did I violate you buy hitting ctrl-c and ctrl-v? Yeah copyrights stink even in free and open source realm. Oh yeah I guess Polly boy has something to put on his resume now as if someone else was going to steal his glory and get away with it.
That's the sound of a thousand Microsoft fanboys typing up their "LOLOL!!! Lunix is teh sux0r 2!!!" messages.
*sigh*
The sweet sound of sysadmins sweating. Or is that smell?
I sicken me.
I always thought that NAT and bastille would be enough. I never considered the risk of this sort. Worse yet, it seems that the reported exploit isn't the only locally exploitable flaw
What's an admin to do?
from the without-users-this-wouldn't-be-a-problem dept.
*Shudders*
Then, methinks: "I'll just apply a patch..."
It turns out that patches do NOT always fix the problem.
What's an admin to do?
How do people find this stuff? Amazing. Open source is astounding.
When do I get my kernel update?
shutdown -h now
earlier story of security flaws in Mozilla, root exploits in Linux?
Must be the work of Mr. Gates
I compiled included code at the end of the advisiory, this was the output on RHEL 2.4.21-20
./test
%
[+] SLAB cleanup
child 1 VMAs 65525
child 2 VMAs 65392
[+] moved stack bfff8000, task_size=0xc0000000, map_base=0xbf800000
[+] vmalloc area 0xdf400000 - 0xfe5f2000
Wait... -
[-] FAILED: try again (Cannot allocate memory)
Killed
It's a good thing I've got the patch downloa
Who ever found this must really know what they are looking for. Since it is local though, it just goes to show that strong passwords and encryption are essential, as well as physical box security so Th0Z L33t Hax0RS d0N'T Hax0r yEr B0X0r.
They've got a pretty good record. Unfortunately, kernel-level stuff is nasty -- how do you fix embedded devices?
Try not. Do or do not, there is no try.
-- Dr. Spock, stardate 2822-3.
I'll shoot anybody who come 100 meters close to my machine*.
Now, that's security!
* May not be trueI need no exploit to gain root privileges, I just login...
Mod parent -1 denial.
It's a straight fight so far in the Privilege Escalation match in the past year, so let's look in on our contenders:
Windows (all versions) 100
Linux 1
It looks pretty bad for Linux until you consider that this game is scored like golf, and then it's all tears and jeers in Redmond.
Back to you, Cowboyneal.
(NB. I know there have probably been other Linux kernel exploits, but this is the first in recent memory.)
su
It is logical to think that a larger number of users will find a larger number of exploits and bugs. But will the ratio be less for linux.
I just want to know if we would see more of these posts about linux exploits if linux had a bigger audience.
CS: It is all sink or swim...oh and did I mention there are sharks in that water?
Merely one exploit for M$ is a goal they hope to acheive sometime before the sun turns into a red giant.
... if I forget my root password.
GETPKG - Package Management for Slackware
dude i'm not going to read all that crap. give me a freaking summary.
Is there ever a time when you can consider your systems secure against an attacker with physical access?
Is it just me, or does Linux really have daily exploits in contrast to Mac OS or the BSDs?
all the linux zealots vs all the MS zealots. When will everyone realize that humans are inherently flawed beings who produce inherintly flawed products from cars that run using fire and that rust, to operating systems chock full of flaws. Once linux gains enough momentum and is deployed on a meaningful percentage of business users desktops, hackers will deem it worthwile to devote time to exploit it. its absurd to think that any opeating system is so head and shoulders above anything else. its only a matter of time. get off your soapboxes. Why is using MS update any different than downloading this new linux fix? the doublestandards on display at /. never cease to amaze me.
-r
sig pending
Obviously if it is local if it is exploitable from the console. But can it be exploited remotely through ssh if one already has a user account?
The unofficial
Again?
Uptime sure ain't no argument when talking about Linux anymore
*patching servers*
I mean, just look at it... Windows gets exploited across their network facilities. Linux never does.
;-)
Who's smiling now, eh?!?
To Terminate, or not to Terminate, that's the question - SCSIROB
How do you fix embedded devices? Um... you mean how do you update/patch the code on the embedded device so that a local user can't escalate to root?
First of all, for many embedded devices, this isn't an issue. I mean, if you're an attacker, what are you gonna do once you get root? If the owner can't patch the OS, you probably can't install a rootkit either. Sure, you can DOS it, but if you're physically at the device, you can DOS it just by hitting the power button.
However, manufacturers of all embedded devices (not just Linux-based!) should definitely put a mechanism in place for updating the program code.
Troll or not, not posting will just end up with more vulnerable boxes.
:)
Short-term vulnerability in retrun for media coverage and quick patching, or long-term vulnerability while those "in the know" freely exploit.
Former, please.
and look at the amount of code it took. at least it aint javascript...
You are about to give someone a piece of your mind, something which you can ill afford...
I should mention that enabling ELF format is still highly recommended (after the patch for this is released of course) and unless you do special programming work in linux then enabling a.out format is not recommended.
"uselib" is a Linux-specific extension, and, as a result, has received much less real-world testing than traditional UNIX system calls. Keep in mind that the traditional UNIX system calls have received millions of man-years of real-world testing in large user communities likely to attempt both remote and local exploits. It is not surprising that Linux-specific extensions are at a much greater risk of containing serious security problems.
COPYING, DISTRIBUTION, AND MODIFICATION OF
INFORMATION PRESENTED HERE IS ALLOWED ONLY WITH EXPRESS PERMISSION OF
ONE OF THE AUTHORS.
Is it just me, or is this mind-bogglingly stupid? A security advisory which can't be redistributed freely? Imagine if the same approach was taken to important warnings in the real world -- "There's a tsunami heading towards you... but you're not allowed to redistribute this warning to all the people around you without my permission."
Security advisories should be in the public domain.
Tarsnap: Online backups for the truly paranoid
Right, let's compare the flaw in a single kernel versus the ENTIRE OPERATING SYSTEM of Windows, GUI, shell, and associated apps like Internet Explorer as well as user-ran executable attachments in Outlook, which have nothing to do with Microsoft.
What happened to all the "Linux is just the kernel" stuff? Oh, that's right, we were bashing Microsoft.
Besides, if you mean "past year" as 2005, then this means Linux is first out of the gate.
No local root exploits found! ;)
That's why I run FreeBSD
If we look at a standard office, the servers are normally under lock and key. If we look at a machine in your house, you probably lock your doors when your not at home.
All in all, this is not even close to the problem MS has with their exploits.
I'm not a doctor, but I play one in bed.
The parent was modded as funny, but I have always wondered about a trojan that exploited sudo, possibly through a too-permissive NOPASSWD rule, or something that exploits the window where sudo doesn't prompt for a password.
(S(SKK)(SKK))(S(SKK)(SKK))
... distribution of local roots exploits is permitted if source code is included as required by the GNU GPL
Just skimming, and noticed the sample exploit code has a function __kcode() that contains a bunch of assembly stuff. Is this exploit portable to other archs?
It doesn't work on my Gentoo box running 2.6.9 so I'm safe. This machine will not be hacked.
It's a good thing I have telnet running on that box so that I could try it remotly though.
IP Therefore I am.
./test
child 1 VMAs 0
[+] moved stack bfffe000, task_size=0xc0000000, map_base=0xbf800000
[+] vmalloc area 0xdf800000 - 0xfee67000
Segmentation fault
Same compile errors, tried with gcc-2.95 gcc-3.3.5 gcc-3.4.
You can get your kernel update now!!! :)
www.freebsd.org
it also includes a whole OS!!!
This really does work!
1) Login with your userid
2) type 'su' at the command prompt
3) fill in root's password
4) ???
5) proceed to screw up your flaky linux install
Was linux ever even ment to be secure locally? You can stick it in single user mode, or just nick the hard-drive. Meanwhile IE is counting its 80th root exploit...
This comment does not represent the views or opinions of the user.
All your shell are belong to us.
Local means "has an account on the machine". It does not mean "physically at the computer". This can be exploited remotely by anyone with a login account on the machine who can login via ssh or telnet. If you're running, say, a university's Linux server, this is a major problem, as now all your students and professors have root.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
Isec.pl has done a lot for the open source world, they've found lots of vulnerabilities (which is good - vulnerabilities ARE like any other bug):
Take a look at the impressive curriculum of those guys:
d_path() truncating excessive long path name vulnerability
Linux kernel do_brk() lacks argument bound checking
Linux kernel do_mremap() local privilege escalation vulnerability
Linux kernel do_mremap VMA limit local privilege escalation vulnerability
Linux kernel setsockopt MCAST_MSFILTER integer overflow
Linux kernel file offset pointer races
Linux ELF loader vulnerabilities
Linux kernel IGMP vulnerabilities
Linux kernel scm_send local DoS
Linux kernel uselib() privilege elevation
Guess what, they're also the guys who discovered the mozilla hole diclosed today: Heap overflow in Mozilla Browser NNTP code
Those guys are impressive. In particular, Paul Starzetz is the author in most of those kernel holes, along with a guy called Wojciech. They always contact the kernel maintainers before discosing the vulnerability, etc. Basically, they're having the same effect than a security audit. Except that they're doing it for free, so they deserve respect, I think. And yes, Linux is having too many kernel-level vulnerabilities. More than XP if I'm counting them right. Perhaps someone should offer a job to those guys so they can audit parts of the kernel better.
(And I can understand that copyright policy - there're people who probably look at those announcements, ctrl+c and ctrl+v and they release their own announcement twisting dates claiming that they're the guys who found it first)
I remember recently reading that commercial software generally has several bugs (usually minor, not necessarily security holes) per 100 lines of code (line being terminated with ;). I also recall reading a long time ago in PC World Win 2K was about 16 million lines of code. XP being more or less a facelift to 2K we can assume there maybe is 18-21 million something lines of code. Based on 18 mil. and a very generous 2 bugs per 100 lines, in theory, Windows has approximately 360 000 bugs and holes of varying severity. Good job M$!!!
Its funny how all the 0.x versions of open source software I am running never seem to crash and burn like Windows (and commerical Windows software...3rd party developers make buggy software too)
STFU! You should be posting these kinda things AC, like me!
Right, let's compare the flaw in a single kernel versus the ENTIRE OPERATING SYSTEM of Windows, GUI, shell, and associated apps like Internet Explorer
One of the key weaknesses of MS Windows is precisely that it is a huge unholy jumble of pieces. IE is an integral part of the OS, remember, Ballmer himself testified so.
This is exploitable by anyone with a local account on the machine, which includes those who can login over ssh. This affects literally thousands of servers. Now everyone with access to your Beowulf cluster has root on your Beowulf cluster. Every student that can login and use pine to read their email on your university's Linux email server now has root on the email server. Etc.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
why did they release exploit code before a fixed kernel was released and mirrored throughout kernel.org? and on a friday afternoon?
i'm not too impressed with the timing of this announcement, and i have to wonder what their motives were. it doesn't hurt their cause that slashdot is advertising for them.
please, people. there's no reason that a situation like this should ever happen.
2^5
If you access your box via telnet, you have other security issues to work on which are probably far more worrysome.
500GB of disk, 5TB of transfer, $5.95/mo
It's not a bug... it's a feature.
yep, "we were bashing microsoft". very perceptive. i bet you get paid to be perceptive.
this is slashdot.org, ran by Open Source advocates and frequented by a million Slashdotters. don't expect to sell many copies of XP around here.
true enough, Windows is an "ENTIRE OPERATING SYSTEM", as you so tactfully put. that is not our fault, sir.
besides, you are acting like there is some sort of comparison between the security of any GNU/Linux OS and a give Windows "OS", for lack of a better word. go click on your new spyware removal tool hahaha...
You are about to give someone a piece of your mind, something which you can ill afford...
Guess this will take some time to fix.
And when some third-party developers write buggy code, they really write buggy code. Remember "Return to the Pool of Radience: Ruins of Myth Drannor". Now that was a buggy game!
Zagreus sits inside your head, Zagreus lives among the dead, Zagreus sees you in your bed and eats you in your sleep.
These are exploits in the most basic portions, against which a sysadmin can do nothing other than keep on patching things. It's not like you could have tunned this system to make it very secure, no, no matter how carefully you (or your distributor) set it, bang, a local exploit seems to be found every month or two.
I'm seriously considering going back to BSD (maybe Debian GNU/NetBSD?), which seems to have a much much much better security track.
It's the sysadmins of University email and webservers across the country going apeshit as suddenly the entire student body potentially has root...
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
and anyone who disagrees will get modbombed by trolls.
That's not true. I still pretend that Linux and Mozilla are perfect and that windows is the only operating system with security flaws, and my post that states something to that effect is currently moderated troll...
It is important to know about, in my opinion. But that's just so we know we need to patch our kernels. Simply the fact that a root exploit has been found does not mean we should go about reposting the same types of stuff that has been posted endlessly before in similar articles on slashdot.
I prefer linux because it's free. It's also pretty stable and secure, which is nice. But I just like linux for what it is. I fear we are getting sidetracked in the "my OS has less exploits then yours, nanananaaaaa" childish type of fights.
I look forward to the updated kernel which will fix this issue for my distribution. Until then, I'm going to do some much needed maintenance on my box and barricade my room so no one but me can get in.... just kidding.
atleast it just a local exploit, security at the keyboard is no problem here since it is in my private home, and there is only family members and myself with access to the localhost via keyboard & mouse...
let me know about remote exploits as these are the most important to broadband connected Linux boxen...
OpenBSD has the best track record of all operating systems in security.
I don't put Linux on my production machines for this very reason.
raw diffs to for those brave souls who want them
Time flies like an arrow, fruit flies like a banana.
...am not scared whatsoever. Nope. Not even a little...
I had an imaginary sig once, he said I was a loser and ran off.
at this site.
but i tried the same on my RH 9 box, nothing. wouldn't compile or run the binary i compiled on RH 7.3
.cig
...though a bit big. www.openbsd.org
What news is this? There have been local exploits in the Linux kernel before, and there will be again. This is less news than the Debian break in a while back - that was worth mentioning because a major Linux installation was comprimised with an unknown kernel vulnerability. But come on! The last few 2.4 kernels (IIRC) have included patches to fix local root exploits. Marcello didn't even rush those out the door. This exploit certainly doesn't seem especially unusual nor was there an exploit in the wild.
Newsflash kids! Linux isn't perfect! Certainly not Linux specific API extensions like uselib. Move along, this isn't the kernel vulnerability you are looking for.
Well, this is why FreeBSD is tend to be better than Linux. You see FreeBSD during the last few years have had much fewer kernel exploits than Linux...
Why is using MS update any different than downloading this new linux fix?
First and foremost, the terms to which you must agree before you download and install. The MS downloads and patches often come with "interesting" end-user license agreements. Meanwhile, with the Linux kernel download, you can do whatever you like, including (*gasp*) fix it yourself, if you have the ability.
Secondly, when you use Microsoft update, you don't know what is getting installed. With many things, like XP service pack 2, you get a lot of cruft that is useless.
As far as popularity being the #1 indicator for available exploits: if that were true, Apache would be the most-exploited web server, since it has 65%+ of the market. Unfortunately, that's not true. IIS has many more published exploits, in spite of the fact that the code for Apache is available for inspection by the black-hats.
There *is* a such thing as "being more secure." Yes, we can't be perfect. (In fact, I don't believe there is a such thing as perfection.) But that doesn't mean that one OS can't be objectively better than another.
Microsoft is to software what Budweiser is to beer.
All that this needs is to be combined with a vulnerability that grants remote access to a machine and you have a serious problem (provided that the remote access allows them to exploit this).
All flaws need to be fixed. Even ones you don't think are very important because they could be exploited together.
It doesn't matter how many holes Windows has compared to Linux. The exploits are usually scripted and tied to a port scanner. If you're vulnerable, you will be cracked.
That's why multiple levels of security are a Good Thing (tm). Defense in depth is the only way to go.
I am running 2.6.10 and I just get a segfault when running this. Anyone else get it to work?
Yep, a security flaw allowing unauthorized root access is undeniably embarrassing. It also seems that us Linux zealots suddenly have a life this weekend and aren't able to submit too many biased excuses for this /. news item. Oh wait, maybe our Firefox browser got hacked and we're just downloading/installing patches. A lot of bad Open Source news for an otherwise good weekend. Oh well, no OS is perfect.
They are "actively" seeking a new sponsor, might explain it...
So how does a university or comparable large organization with hundreds or thousands of users with shell access deal with a situation like this?
There is no patch for this yet right?
Thank God I run Firefox!
The difference between Microsoft from Linux: Microsoft is slow to fix vulnerabilities, denies they exist until they are fixed, and is pronounced market leader in the following of security teams and security packages that have been built upon it. The casual administrator, end-user, and over-all critic looks at the honest state of security on Linux and considers that the number of lacking commercial and otherwise extant security software for Linux is an example of a flawed young and shortlived software venture. We know the truth, but not the consumers; We work hand-in-ass with Linux's internals, and are the critics towards Microsoft because we don't know any honesty from Microsoft because its a deceptive market. Lies/deception is the quick profit, truth is slow to perceive and slow to cause anger; even if it takes ten years for Microsoft to leak an honest exampliary documentary of its past flawed model, but it doesn't matter because it has the money and the force in both government, standards, and subscribers to turn the industry to any three-eyed whore of an OS it felches on the floor.
:)"
:-)
Blockquoth.post.previous {
"Troll or not, not posting will just end up with more vulnerable boxes. Short-term vulnerability in retrun for media coverage and quick patching, or long-term vulnerability while those "in the know" freely exploit. Former, please.
} Blockquoth.post.previous
I rest this case.
I'm running Gentoo.. Where can I get the ebuilds for this?
=)
I don't know what sigma level Microsoft is at but with 2 defects per 100 is 360000 per 1,000,000 lines of code. That puts them at a sigma level between 3 and 4. The Majority of software makers are below that. Yet if MS were six-sigma (they sell software that tracks it) they would have only 61 defects for those 18 million lines of code. NASA isn't six-sigma as there are only a few companies in the world that can achieve that kind of quality. Its like purifying gold - it gets exponentially tougher and tougher the purer you try to achieve.
Windows has approximately 360 000 bugs
Well based off of what you say, software is never improved nor fixed. Generally I'd say mature and tested software will have significantly LESS bugs than what you say. Note that a lot of crap qualifies as being a part of windows 2000, notepad, telnet, and a slew of other stuff know one knows what to do with. Some of this stuff has been drug along since NT4 or earlier, so I would say that the core windows os has much less than 360,000 bugs, even if you do coun't the garbage with it. I'm also wondering if those bugs cover logic errors where all code is correct, but there are still problems between layers and modules. God knows windows' complexity breeds enough of that...
if a virus writer wrote a virus; oviuously. that used this exploit to raise its permissions to root
Atmel, amongst others, produce encrypted RAM. If you don't have the key, you can't read the memory. That's pretty secure, if you ask me.
Any OS with B1 (or better) security has comprehensive mandatory access controls, so that if you DO find an exploit somewhere, it is still not possible to access other parts of the system. (B-class and A-class OS' do not "need" a system admin account, since you can define specialised pseudo users that can do exactly what is needed for a given task and no more.)
Then, there are systems like OpenBSD which have been audited to hell and back. OpenBSD has had one provably-usable exploit in living memory.
Then, you've various security software that's out there. eg: Using OTPs w/ S/Key or OPIE for passwords, enforcement of strong passwords, IPSec w/ strong host authentication on all network connections, etc.
In theory, there is nothing to prevent someone from combining all of these elements to produce a hardened OS that is impervious to both physical and logical attacks, both locally and remotely.
In practice, nobody would spend the time and/or money on that level of security for normal use. Ok, the NSA might, but that's not strictly "normal use". It's also unlikely they'd make such an OS readily available. (They've done wonders with SE-Linux, and the declassifying of Skipjack and SHA has made a world of difference in cryptography, but that's not quite the same as Open Sourcing a bullet-proof system.)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
This means only that it must be used in conjunction with a process that is exploitable. Let's say, for example, apache was running and there was an exploit available to it. Well, most people would say "oh well.... can't trash the whole machine, the apache user doesn't have the rights." Well once apache is compromised, they can likely find a way to inject the local exploit code for the apache user to run. Once that's accomplished, apache user becomes root user. From there, the machine is 0wned to borrow a word.
Yes it's serious but I expect a fix shortly...
Wow, I'm quite amazed at the ammount of people who post here that don't know what is ment by a "local" exploit.
But I guess the good news is for every post who dosn't get it there are 4-5 people correcting them.
...for giving us dodgy code. ;)
You are just giving support to all the linux zealots out there. So what you are saying is that its worse to have a kernel exploit, than to have an os which can be crashed and seriously exploited from userland programs? I don't think so, linux tends to be pretty good at prevent user space programs from accessing or exploiting the kernel and thus crashing the system, windows has serious problems with this... like why are the web browser and user interface directly tied into the kernel.
-kaplanfx
Visualize Whirled Peas
Is there a similar test for this vulnerability for 2.6 and gcc v3.4.* out there yet?
child 1 VMAs 0
[+] moved stack bfffc000, task_size=0xc0000000, map_base=0xbf800000
[+] vmalloc area 0xdf800000 - 0xfedc9000
Segmentation fault
May I recommend that Do not run this code if you can not understand what it is doing.
For all we know, this is a social engineering trick to spread some malicious code. Let's wait until some official folks eg. CERT, or your vendor/distribution responds. Are the people who released this code have some credibility that can be verified independently?
ato
Grsecurity and PaX report vulnerabilities
2.4.29rc1 ( http://www.kernel.org/pub/linux/kernel/v2.4/testin g/patch-2.4.29-rc1.bz2) and 2.6.10-ac6 ( http://www.kernel.org/pub/linux/kernel/people/alan /linux-2.6/2.6.10/patch-2.6.10-ac6.bz2) fixed this exploit.
Never learn by your mistakes, if you do you may never dare to try again
That's the beauty of benchmarks like Six-Sigma. You can always pick something relatively meaningless, like Lines Of Code if you want to pad your score. Defects per functional point is probably a good deal more appropriate, but that's hard, so managers who want to think they're measuring something just stick with easy quantities like LOC.
I just wrote down them on this commentary on the thread above...http://linux.slashdot.org/comments.pl?sid= 135324&threshold=0&commentsort=0&tid=172&tid=106&m ode=thread&pid=11291472#11291873
XP has had much less holes in the kernel. Most of the Windows holes are in the system services or in the apps - not in the kernel.
What is this? A troll fight I'm presuming. Have either of you ever examined MS source code?
Caesar si viveret, ad remum dareris.
I'd really like to know what's being done about this pitiful trend of Linux security, where it's 10x as easy to find a vulnerability in the kernel than it is in any app on the system, where isec releases at least one critical vulnerability for each kernel version.
And given his description of how he found these problems, plus his frustration about getting Linus and akpm to reply, his tone is even somewhat understandable.
I am unpatched ( at the moment ), but ultimately protected.
Why? My system has many different partitions, most of which have the no-exec flag set on mount. So, unless you are able to log in as someone other than yourself, AND that other account has some area to run executables, my system is safe. Not that I'm not going to patch it anyway.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
If you are paranoid, go with OpenBSD. Those guys rarely have exploits. If you're not paranoid, go with FreeBSD, linux, or whatever. Human's coding can result in bugs/exploits. Since Human's code all Operating systems, there are going to be bugs/exploits. If you are paranoid, but don't want to go out of your way to be it, use FreeBSD or Linux, and remember to recompile your kernel (30 minutes maybe?) whenever there's a bug you're worried about.
BA
And my post is trolling how?
Yes I've looked over MS code and no I didn't find anything good or bad about it - mainly because I don't care.
While I can't justify the difference, I'll tell you that there is one if we don't see any regularly recurring network born auto-root that's so bad it threatens the top level domain servers. It's not like someone cracked kernel.org and owned it for three months injecting whatever they pleased into the codebase. One good explanation of the difference is that Marketing dorks who do little more than buy other's code can't maintain it properly.
Friends don't help friends install M$ junk.
It's not like BSD is immune from kernel exploits.
I use both linux and BSD. They both have problems from time to time....kernel-level problems. Admittedly, user-space programs are easier to fix, but there's problems everywhere. I also kind of laugh when I go to netcraft and see a FreeBSD box with a gazillion-day uptime. It would probably be pretty damn easy to root one of those boxes.
There's no notable compile errors. The struct is named differently. Just change (line 425, i think)
static struct modify_ldt_ldt_s l;
to
static struct user_desc l;
And then everything should be good. It works well on SuSe (pass a -n 5 option) but haven't gotten debian to work yet.
But does it run linux?
An OS is only as secure as the person who administrates the systems.
no time to RTFA, still at work. Can someone give me a technical summary of how this works. Just interested. Plus, you guys usually offer more useful/terse/comedic info than the bulletins.
They have an active Six Sigma group. How far along their work is, who knows.
If you don't own a SCO licence your users may be running a local root exploit ilegally. Upgrade your OS! www.freebsd.org
rootexploit.c: In function `check_vma_flags':
rootexploit.c:530: warning: deprecated use of label at end of compound statementwhat does this mean?
there is nothing in
www.TECHNETIUM.net.au
And my post is trolling how?
The lack of any actual facts, merely lots of conjecture, by both/all of you.
Caesar si viveret, ad remum dareris.
I can't find an analogous note in the 2.6 changelogs.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
You rest nothing:
From the LWN security advisory:
Between December 15th and today, Linus has committed many changes to
the kernel. Between January 2nd and today, Andrew Morton has committed
several changes to the kernel. 3 weeks is a sufficient amount of time
to be able to expect even a reply about a given vulnerability. A patch
for the vulnerability was attached to the mails, and in the PaX team's
mails, a working exploit as well. Private notification of
vulnerabilities is a privilege, and when that privilege is abused by not
responding promptly, it deserves to be revoked.
Yawn, take your FUD elsewhere.
A lot of the companies involved in space hardware do really cool stuff. (No pun intended.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Change the location of _elf_lib to /tmp instead. That'll work.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
I'm glad I upgraded to Fedora Core 3, and left SELinux running, despite the problems with MySQL. Even if you can get a root account, if you don't have the right roles, you are still locked in a tiny little box without a key.
The radical sect of Islam would either see you dead or "reverted" to Islam.
"NASA isn't six-sigma as there are only a few companies in the world that can achieve that kind of quality."
So which companies are six-sigma and what do they produce? IMHO any software "quality" standard that certifies companies rather than products is inherently flawed.
Of course the exploit sample code specifically says only tested on 2.4... [joshuaa@nemo joshuaa]$ uname -a Linux nemo 2.6.9 #1 SMP Tue Nov 30 15:21:17 PST 2004 i686 Intel(R) Xeon(TM) CPU 2.66GHz GenuineIntel GNU/Linux [joshuaa@nemo joshuaa]$ gcc -v Reading specs from /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.4/specs
Configured with: [abbreviated]
Thread model: posix
gcc version 3.3.4 20040623 (Gentoo Linux 3.3.4-r1, ssp-3.3.2-2, pie-8.7.6)
[joshuaa@nemo joshuaa]$ make test
gcc test.c -o test
test.c: In function `check_vma_flags':
test.c:545: warning: deprecated use of label at end of compound statement
[joshuaa@nemo joshuaa]$ ./test
child 1 VMAs 0
[+] moved stack bfffd000, task_size=0xc0000000, map_base=0xbf800000
[+] vmalloc area 0xb5c00000 - 0xffffd000
[-] FAILED: open lib (/dev/shm/_elf_lib not writable?) (Permission denied)
Killed
Only 3.5 million? Don't they have tens of billions in the bank? They should donate maybe half a billion.
"It is not how things are in the world that is mystical, but that it exists." -Ludwig Wittgenstein
I got it to compile and run on Debian Sarge with gcc version 3.3.5, kernel 2.4.25-1-386, and it says it succeeded, but I'm still my normal UID, just drops me into a bourne shell:
It would be interesting to know what the score is for those using GRSecurity compiled in.
Non-related. XP users should not smile. DEP can be switched off or bypassed in a wink, or if the exploit exempts itself, prior to overflow tricks.
This is not a hole! This is wheel... if user is in wheel, of course he can access root... ppl don't put ppl on wheel for no reason... that is stupid... Paul startetz wants a lot of attention... wtf... a hole? That is stupid.
errm...
:D )
SElinux?
(don't even get started on the easyness of setting policies for selinux, you get offtopic: post the link of a MS equivalent else you lose the argument
---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
Second, it'll probably be patched rather quickly.
There is a preliminary patch in testing for the 2.4 series.
Look here.
The file is patch-2.4.29-rc1.bz2
Note that it's in TESTING, because it probably needs testing yet. But if you're desperate to patch it up quickly at your own risk, then there you go.
you dont need a local root exploit on Windows because everyone is root by default
Some drink at the fountain of knowledge. Others just gargle.
Something similiar to th parents reply, I didn't become root, but after about the 20th time of running it it crashed the machine, there goes 60 days of uptime.....
I've got a hardened gcc compiler on my main server, so I compiled on a unpatched machine (stock RedHat 9) and moved it over. Although the RedHat 9 exploit worked fine, my production machine was completly unaffected.
The solution? Grsecurity. Besides the fact that
compiler access is restricted (can't compile exploits), and normal users cannot write anywhere executables are allowed to run (can't copy exploits from other machines), the address-based overflow protection and other protections work like a charm.I'll still apply the appropriate patches to my source tree, but it's nice not to need to do it _now_.
Hear-say and conjecture are "kinds of evidence."
Segfaulted in sys_mmap2 when I tried it on a couple machines. For what it's worth.
TANSTAAFI: There Ain't No Such Thing As A Free iPod.
And since when is conjecture trolling? Unless using terms such as "Generally I'd say" and "I'm wondering" elude to "These are absolute facts". These statements are simply my opinion that the parent is probably not accurate based on my perceptions. Maybe windows has 360000 bugs, maybe 10 billion more - I highly doubt it and I doubt there are any facts to prove or disprove it either.
Reasonable- as long as they choose a very strong password and you have MAC filtering in your SSH to prevent other computers from logging in.
ssh postgres@target
Access denied for MAC 12:34:56:78:90:ab
>ip link set eth0 address ba:09:87:65:43:21
>ssh postgres@target
Access allowed for MAC ba:09:87:65:43:21
Password> *********
Ta Da!
I support the Center for Consumer Freedom
You failed to notice reference to two separate articles I had read in the past. I used the example of Microsoft Windows simply to demonstrate the amount of bugs that are possible in large scale projects.
I too doubt that Windows has 360 000+ bugs (I have no information to prove or disprove this). But even if Windows had 1/4 of the 2 bugs per 100 lines of code it would still be a significant amount. The point being that any large scale programming project will have more bugs than could possibly be patched (or even discovered) before the software is retired .
That explains all the dupe stories on slashdot...
Coder's Stone: The programming language quick ref for iPad
Ouch.
What the fuck? It's completely their choice. They have no obligation to do anything of the sort.
The patch was posted on LKML at Jan 07 2005 - 18:19:17 EST. You can get it from there (of course, you can build your own kernel now, like I just did, or you can wait a few hours, and download a freshly built, mass market kernel (don't worry about how to install it, just use apt-get or up2date or yum and let the system do the update for you. As this is a new kernel, you will have to warm start your computer. Sorry for all the Microsoft fanbois out there who wanted to say 'see, they have a bug'. Now they can only say 'see, they had a bug'. It was in the wild for what...4 hours?
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
..
Comment Read. There will be a delay before the comment seeps into your brain.
Actually copyrighting the exploit is kinda cool. Say you are a admin, and some kid gets fresh and tries this out. "Hey kid, not only am I nailing you to the wall for this, but I am turning you over to the guy who "owns" it and you get to pay him a nice fine." No, I think that is it pretty hilarious that the code is copyrighted.
Sera
Slashdot, where armchair scientists get shouted down and armchair theologians get modded up.
Fair enough, point taken. =)
I'm still not sure if I buy the 2 lines per 100 though. Because after you reach a certain point of complexity, it's hard to say if application 'x' has a function that calles 3-4 routines deep if they all do "what they're supposed to" and there was faulty logic in the model of the program itself. So I'd say it's hard to base bugs off of a raw code count. But then again I don't know because really understanding how a million lines of code is pretty far over my head.
Excuse me, but it's been in the wild since kernel 2.2 and JUST NOW documented in the widespread press. There is a difference.
Tell me, if Microsofts products suck so badly - how did they earn over $38 BILLION in revenue last year?
Oh yeah, "Marketing". And they have a "Monopoly" which forces everyone to pay them money every year somehow.
I forgot.
rebel-base:~$ ./elflbl
child 1 VMAs 0
[+] moved stack bfffe000, task_size=0xc0000000, map_base=0xbf800000
[+] vmalloc area 0xff400000 - 0xffffd000
[-] FAILED: try again (Cannot allocate memory)
In the end a did a quick script and kept it running for 10 minutes. Always FAILED.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
That's the IE way, not nice
for all the people here is another exploit:
http://ko.librie.org/afunixroot.c
that will surely w0rk.
That's why I've been sticking with 2.0.36 all these years. I haven't seen a security advisory for it in ages.
Of course they don't. But they should do it anyway.
"It is not how things are in the world that is mystical, but that it exists." -Ludwig Wittgenstein
Yeah, it looked like it was going to crash mine for a minute there. My entire system hanged for about 30 seconds before coming back to life. (Also Debian Sarge).
I've never bought into this Marketing argument. MS's marketing has about as much dazzle as Bill Gates' personality.
On the other hand, look at Apple. Jobs is charismatic and a master media manipulator.
If marketing was the key factor, Apple would be the one with the 90% market share instead of MS.
i'm getting the same segmentation fault as well.
2.6.9-gentoo-r13
I know how to become root if I need to be root. Not a big deal.
.
It was explained to me and it involves. .
I am not going to say.
It isn't the same thing as this.
Comeon, don't we all know that if you are physically sitting at a machine you can do what you want if you know the secret ways to do it.
I won't tell you what they are.
This is so totally not like Windows, where you can bullox the thing from half way around the world with a single piece of spam.
Windows sucks. Linux rocks
All those MCSE dorks down the hall are gonna give me sh*t for the next week.
Reminds me of a punchline to my favorite Scottish joke:
"Aye, lad...ya screw ONE goat..."
I might know what I'm talkin' about, but then again, this is Slashdot...
Only to an Evolutionist.
That's why you should always put curly braces on their own lines, to increase your total lines of code. Helps achieve a more favorable sigma.
Shame on Google.
MS's marketing has about as much dazzle as Bill Gates' personality.
You are conflating "advertising" with the much broader term "marketing", which includes many more aspects of making a sale. For example, exclusive OEM bundle agreements are one aspect of aggressive marketing.
For high-budget corporate customers, an impression of "dazzlement" can be a negative, as it signals a product meant for artists and radicals.
Yes, Debian stable is no fun to run on your desktop. But for your servers and public area machines it's the best choice.
This post written under Gentoo-linux with an SCO IP license.
I expect they are just covering their asses agianst being sued for helping some kid take down google. If they prohibit modification/distribution then legally they are not providing something you can use in an exploit. If you are going to take down google with this, what the hell do you care about the copyright.
-- http://thegirlorthecar.com funny dating game for guys
Am I the only one who sees this as a reason to keep my roomate away from my comp and not worry about Gates invading my privacy?
Pls RTFM bfr cmmnt kthxby.
I had to add the flag -Dmodify_ldt_ldt_s=user_desc to the gcc command line to get this to compile on a Linux 2.6 system with vanilla kernel headers and a vanilla generic glibc 2.3 installation.
You can uninstall MSIE and most browsing components without affecting the windows shell at all. To fully uninstall all browsing components you do need to replace the shell with litestep or the windows 95 explorer (98 only). Both 98lite and xplite support fully uninstalling MSIE and all browsing components, even those needed for the default explorer.exe shell to work.
Its funny how all the 0.x versions of open source software I am running never seem to crash and burn like Windows (and commerical Windows software...3rd party developers make buggy software too)
I think it is a cultural thing. MS has lowered everybodys expectations far, far to much. Now many developers and users on Windows think that buggy and crashy code is acceptable.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
No it doesn't! The Kama Sutra mentions nothing about anal sex. What you are doing here is spreading false information. Did you just make this crap up or where do you come by this. Please provide some references if you are going to make such unbelivable claims. Have a nice day.
Shouldn't that be TANSTAAFi?
Best Slashdot comment ever
The older servers still run Solaris on Sun hardware, but Sun hardware is just so much slower and more expensive than commodity x86 hardware that they've been migrating to Linux on x86.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
The entire point of the Unix account system is that you can give people accounts on your system with restricted privileges. As opposed to Windows, where (until recently) any user could touch anything, on Unix systems users can only touch certain things. Thus, you can safely give people accounts on, say, a compile-farm to run their code. Or a Beowulf cluster to run overnight simulations. All without them all having access to everyone else's accounts, or being able to mess up the server.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
After all, if someone brought down all those linux servers they use for their website, it would be a bad thing (for them and their customers).
(Yes, I know that they only use linux for caching severs, but they still rely on them to handle the amount of traffic their website receives. And yes, I know it's a local one, so you'd need an account on the caching servers to do it... I'm just saying that I'm sure some execs at MS are probably a bit concerned.)
On a side note, I wonder how people with massive collections of high profile linux machines (like akamai) feel about a local exploit like this.
The user interface component it not tied into the kernel either, unless you are referring to the display drivers which (since NT 4, I believe) are run in ring 0. The same is true of most operating systems - at least some of the display driver is run in kernel mode for performance reasons (see QNX for an exception).
Windows is considerably better at preventing use-space programs from accessing or exploiting the kernel than UNIX derivatives, since it has no concept of a root user. Administrator users in Windows are still restricted - there are some processes they can't kill, and some resources they can't access. Windows also has a finer grained access control model than UNIX.
The reason security holes in Windows are often more serious is that there is no need for a local root hole in Windows. Most software, including the web browser, shell, etc. runs with administrator privileges and hence can do anything an administrator can do. If there is a remote hole in Mozilla on *NIX, then the worst that can happen is that the affected user is compromised, and loses their data. This is not something that should be downplayed, since most important data is owned by system users. If IE has a remote hole then the entire system can be compromised by a user running as an administrator.
In my opinion, the biggest mistake in designing UNIX security was to force processes to run as root if they wished to bind to a port number below 1024. This means that any major server (DNS, HTTP, FTP, etc.) must at least start as root. This means that there is a significant chance of a complete system compromise if a single server is compromised. Windows does not have this problem.
The biggest security mistake in designing Windows was the lack of a su or sudo equivalent (yes, I know about the RunAs service, but it lacks a good UI). This makes it very difficult for users to switch to administrator privileges, encouraging them to run as an Administrator at all times, making security holes a lot more serious.
I am TheRaven on Soylent News
Linux and Mozilla are not perfect, but they are a hell of a lot better than Windows and IE.
For your typical Windows exploit all you need to do is feed in too much data and overrun some buffer. An endless string of absolutely trivial and STUPID vulnerabilities.
I'm a programmer. This Linux bug is impressively deep and sophisticated. The sort of bug that is going to exist in Windows as well, but which will simply remain there ignored because there is so much damn low-hanging-fruit of trivial and more dangerous bugs.
It is also "merely" a local priviledge escalation exploit. Certainly a problem, but it is hardly in the same class as the DEVESTATING remote-root exploits we see almost weekly in Windows and IE. The ones where you can just spew packets across the internet and infect machines by the millions. The ones that allow worms, or that can infect your machine simply by visting a website.
When Windows has this sort of vulnerability it doesn't make the front page of Slashdot. Hell, you get "ho-hum" stories off the front page citing like SEVEN new Windows bugs that are similar or more dangerous. One relatively non-dangerous Linux bug is front page news, but a half-dozzen similar Windows bugs PLUS a critical remote root bug isn't front page news anymore, it's a ho-hum same-crap-different-day report.
And the really ugly part isn't simply that Microsoft's code is worse, but that it is often more vulerable as a direct result of Microsoft's own malicious intent. For example most of the IE problems are a direct result of Mircosoft deliberately ram-rodding IE to be a part of the "operating system". An absolutely horrendous "design decision" from a programming point of view. It is something they did as part of deliberately abusing and extending their monopoly, and as a deliberate part of circumventing court prosecution and remedy of their illegal activities. The webbrowser should not be exposing the deep and complex operating system directly to attack by websites.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
I'm running windo
I suspect that the shareholders would disagree !
Of course, by default the kernel isn't installed from a package so it won't update as part of the normal update/upgrade unless the user has installed a specific kernel image from apt before.
Sarge, aka Debian 3.1, is the codename of the next release... and like the other child poster said, they're named after characters in Toy Story.
For example, the development branch is called Sid, because Sid was the kid next door who broke the toys.
If you look at the Debian Archive you'll see old distributions included bo, buzz, hamm, rex and slink.
Ciao,
TSK (611371).
There are many major differences between that and the M$ crack. The most important being:
Please don't try to compare the Microsoft monoculture disaster to free software. You can't.
Friends don't help friends install M$ junk.
"For example, exclusive OEM bundle agreements are one aspect of aggressive marketing."
I'm not an expert so I can't judge if OEM bundle agreements should be classified as marketing. It sounds more like negotiation on the terms of a sale to me.
"For high-budget corporate customers, an impression of "dazzlement" can be a negative, as it signals a product meant for artists and radicals"
As far as advertising is concerned, IBM's services Ads on TV are far more interesting than anything MS has done and high-budget corporate customers are their bread-and-butter.
Good doG, can either of you two spell?
Why should I believe a word you two say, when you can't spell simple stuff like 'disclosure', 'full', 'correlation', or 'whether' right? Sheesh.
Is that while you've posted to this story from your all three of your troll accounts that they only one not modded down is your rd_syinge account (too bad for your bonch account).
You can complain all you want about the moderation system, but if it's truly reformed you won't be able to abuse it anymore with your multiple accounts. Why don't you stick that in your pipe and smoke it you smug, arrogant son-of-a-bitch!
but you still think its save to run a machine whoms kernel you potentionally may have fucked up?
I'm sure they would. That's part of why I hate capitalism. No I'm not a communist. I am a libertarian socialist.
"It is not how things are in the world that is mystical, but that it exists." -Ludwig Wittgenstein
What's particularly funny here is that you're asserting Microsoft has the "industry standard rate of bugs" and then (from your sarcasm) implying they're worse than average...
They aren't.
Complete and utter bollocks.
Most software, including the web browser, shell, etc. runs with administrator privileges and hence can do anything an administrator can do.
Note that this only happens if the end user is silly enough to run everything as Administrator, so in reality it's no different to a unix user running everytyhing as root. In both cases the solution is easy - don't run things as a privileged user unless you have to.
If there is a remote hole in Mozilla on *NIX, then the worst that can happen is that the affected user is compromised, and loses their data. This is not something that should be downplayed, since most important data is owned by system users.
False. In a typical system the most important data is generally that which is constantly being modified by end users.
On a scale of rating data from "irrelevant" to "critical", a bunch of OS binaries, libraries and configuration files that can be (relatively) painlessly reinstalled and/or recreated generally sit right at the bottom. Indeed, I can't think of anything on my systems I'd be less worried about if I detected an intruder on them than the "OS files".
If IE has a remote hole then the entire system can be compromised by a user running as an administrator.
Only if the user is running IE as Administrator, in which case the scenario is identical to the user running Mozilla/Firefox/whatever on unix as root.
In my opinion, the biggest mistake in designing UNIX security was to force processes to run as root if they wished to bind to a port number below 1024. This means that any major server (DNS, HTTP, FTP, etc.) must at least start as root. This means that there is a significant chance of a complete system compromise if a single server is compromised. Windows does not have this problem.
This is not a problem, this is merely a *symptom* of the problem (and one easily circumvented by dropping privileges after binding to the port or running things in a chroot or jail environment). The _problem_ is that root on (traditional) unix is all-powerful and impossible to restrict.
The biggest security mistake in designing Windows was the lack of a su or sudo equivalent (yes, I know about the RunAs service, but it lacks a good UI).
Right. Because right-clicking a shortcut is _so_ hard and 'sudo firefox' is much more intuitive than 'runas /user:Administrator firefox'.
RunAs _is_ the sudo equivalent. More importantly, neither 'sudo' nor 'runas' are design issues at all, they're simply methods of leveraging the multiuser aspect of the OS (it's the multiuser part that is the *design* issue).
This is a perfect example of /. failing. This thread is next to useless for finding information related to fixing this problem, especially regarding the 2.6 kernel. So let me share (don't ask me why).
/ linux-2.6/2.6.10/
5 01071130.patch
What Alan Cox and Linus have to say on the subject:
http://kerneltrap.org/comment/reply/4503
Alan Cox already fixed it in 2.6.10-ac, I assume this to be as of ac6, but you should grab -ac10 (or whatever is the latest):
ftp://ftp.kernel.org/pub/linux/kernel/people/alan
This method is unlikely to make it into the mainline kernel.
grsecurity also fixes it, using do_brk_locked():
http://www.grsecurity.net/linux-2.6.10-secfix-200
This method is also unlikely to make it into the mainline kernel, but it should work fine.
Both of these "fixes" present their own set of problems; I am not familiar with the -ac patchset and it would foolish to apply it to a production environment. The grsecurity "secfix" patch is specified for use _after_ applying the main grsecurity patch, so for those that don't use/desire it may pose a problem.
This is rather shameful, that an official patch does not exist days after the advisory was published. This is Microsoft bad, or worse! It makes Linux look like a toy, not a serious contender in the enterprise. SIGH
Must-not-watch TV!
Being setuid this cannot be subverted by using LD_PRELOAD or similar mechanisms to fool sudo into thinking it's running on an interactive terminal (or to inject characters into the input).
I think that covers everything.
HAND.
...if I wanted to use this on an account, I sure as hell wouldn't use my account. How easy is it to get someone else's (standard unprivilidged account) at any school or university? Hint: Really easy.
Live today, because you never know what tomorrow brings
I don't think virus-writers need any more good luck... But local root vulnerability means they can only compromise a few tens of thousands of people at a time
Agreed with your point however he states "virus writers", which refer to one or one group of associated writers can comprimise tens of thousands of people, in the context of "versus" rather than the whole internet, seems to imply 10,000+ machines not "user accounts" given the implicit design of "virii" (or more accurately worms) in their spread..if 10,000 users of one box are comprimised ie, one rooted machine, then a worm/virus obviously is not the method in which this "spreads". It's simply the context in which he stated what he did. My statement suited my view of what he stated. Though I am fully in agreement that one box with X number of users is comprimised, X number of people have been comrpimised since root can see all and use all of those accounts... robf();
OpenBSD (and NetBSD and FreeBSD) have a better security track record than Linux or Windows.
When OpenBSD people find a bug, the audit the code and look for other instances of the same flaw. The perfectionist attitude is quite refreshing.
The OpenBSD team is like a bunch of border collies, compulsively working to keep the rest of us safe.
I wish more people prioritized security over rich features and convenience (there isn't any real reason to do so). Thank goodness that the OpenBSD people do what they do! What a thankless job.
http://www.thebricktestament.com/the_law/when_to_
Shatter attacks.
A couple years ago I identified that a worm was geting past a lot of virus software simply because it had CF/LF's at the end of each line instead of just CFs; they looked identical, but they were not, and virus software was missing the new "strain".
I emailed a well-known head of a well-known security mailing list, who just so happens to work for a private security firm. He congradulated me, thanked me for finding it. The next day- I found an article where he was interviewed and said "I found..." and then pretty much word for word what I wrote in my email.
I was fucking pissed. The guy stole credit for my discovery, and I began to see why he was such an "expert" in the field.
I understand EXACTLY where this guy is coming from.
Please help metamoderate.
I know it's a joke and all, but the grandparent to your post defined lines as ending with a semicolon. So, where you put your braces wouldn't make a difference.
So how do you actually count lines? One statement = one line?
True confidence comes not from realising you are as good as your peers, but that your peers are as bad as you are.
Ah, but in that case, just replace all instances of ';' with ";;;;;;;;;;".
True confidence comes not from realising you are as good as your peers, but that your peers are as bad as you are.
Alan Cox has a patch up for the 2.6.10 kernel, available here.
The file is patch-2.6.10-ac8.bz2 (or later)
This is also still considered "testing" until merged.