Local Root Exploit in Linux 2.4 and 2.6

Anonymous Coattails writes "Summary from the advisory: 'Locally exploitable flaws have been found in the Linux binary format loaders' uselib() functions that allow local users to gain root privileges.'"

What, no remote exploit?!?

[BobPaul]

Why is it every nearly Linux flaw is locally exploitable, where as every nearly every Windows flaw is remotely exploitable?

Maybe Microsoft figures most companies already do a good job of securing their physical servers...

makes me chuckle.

[Canuck+in+Seattle]

all the linux zealots vs all the MS zealots. When will everyone realize that humans are inherently flawed beings who produce inherintly flawed products from cars that run using fire and that rust, to operating systems chock full of flaws. Once linux gains enough momentum and is deployed on a meaningful percentage of business users desktops, hackers will deem it worthwile to devote time to exploit it. its absurd to think that any opeating system is so head and shoulders above anything else. its only a matter of time. get off your soapboxes. Why is using MS update any different than downloading this new linux fix? the doublestandards on display at /. never cease to amaze me. -r sig pending

Re:*sits back*

[heavy+snowfall]

Because in windows, everyone's got root to begin with. Next.

Re:Local vs. Remote

[bombshelter13]

No shit, Sherlock.

Re:*sits back*

[grazzy]

And dont forget, recompile the kernel! Oh they joy of remote-booting .. i do it for fun evrey day. trying beta-alpha-gamma kernels.. just because i love living on the edge with my mission-critical machines.

Re:compare the GNU and M$ cracks?

[twitter]

I'd recommend revising your use of the "monoculture" term given the latest trojan attack on RedHat users and the PHP/Apache/Google worm making the rounds.

As a Debian and boa user, I could care less.