Slashdot Mirror


No ELF Vulnerability in 2.6 Kernel

gaijincory writes "Greg KH, the co-maintainer of the 2.6 kernel has posted a comment on lwn.net confirming that there is indeed no such ELF vulnerability as spelled out by Paul Starzetz on isec. The bug was originally thought to be particularly nasty, allowing a malicious user to gain elevated privileges using a carefully crafted binary which would exploit the kernel's Executable and Linking Format. The bug's author confirmed that no one has been able to repro the exploit."

5 of 86 comments (clear)

  1. FP! by Anonymous Coward · · Score: -1, Troll

    yay! FP!

  2. and there was NO head in a bag by Anonymous Coward · · Score: -1, Troll


    [ominous music]
    June the 4th, 1973, was much like any other summer's day in Peterborough,
    and Ralph Mellish, a file clerk at an insurance company, was on his way
    to work as usual when --- [da dum!] Nothing happened! [dum dum da dum]
    Scarcely able to believe his eyes, Ralph Mellish looked down. But one
    glance confirmed his suspicions. Behind a bush, on the side of the road,
    there was *no* severed arm. No dismembered trunk of a man in his late
    fifties. No head in a bag. Nothing. Not a sausage. For Ralph Mellish,
    this was *not* to be the start of any trail of events which would not, in
    no time at all, involve him in neither a tangled knot of suspicion, nor
    any web of lies, which would, had he been not involved, surely have led
    him to no other place, than the central criminal court of the Old Bailey.
    [muttering voices, Judge's gavel banging.]

    But it was not to be [ominous music returns]. Ralph Mellish reached his
    office in Dulls-ells Street in Peterborough, at 9:05 a.m., exactly the
    same time as he usually got in!

    [door opens]
    "Morning, Mr. Mellish"
    "Morning, Enid"

    Enid, a sharp-eyed, clever young girl, who had been with the firm for only 4
    weeks, couldn't help noticing the complete absence of tiny but tell-tale blood
    stains on Mr. Mellish's clothing. Nor did she notice anything strange in Mr.
    Mellish's behavior that whole morning. Nor the next morning. Nor at any time
    before or since the entire period she worked for that firm.

    "Have the new paper clips arrived, Enid?"
    "Yes, they're over there, Mr. Mellish."
    [faintly] "Oh..."

    But for the lack of any untold circumstances for this secretary to
    notice, and the total non-involvement of Mr. Mellish in anything illegal,
    the forweight of the law would insure that Ralph Aulds Mellish would
    have ended up like all who challenge the fundamental laws of our society.
    In an iron coffin with spikes on the inside.

    -- MPFC

  3. linux for boisterous wackos by Anonymous Coward · · Score: -1, Troll

    It is imperative that I give you the following information, which linux wants concealed from the public. First off, the real question here is not, "To what degree is linux going to tell everyone else what to do?". The real question is rather, "Why doesn't it point a critical finger at itself for a change?" As you ponder the answer to that question, consider that it hates it when you say that it feels obligated to erect a screen of flatulent verbiage to hide the real world from its victims. It really hates it when you say that. Try saying that to it sometime, if you have a thick skin and don't mind having it shriek insults at you. I have never been in favor of being gratuitously ultra-loquacious. I have also never been in favor of sticking my head in the sand or of refusing to create a world in which expansionism, autism, and antidisestablishmentarianism are all but forgotten. As amazing as it seems, there is still hope for our society, real hope -- not the false sense of hope that comes from the mouths of what I call politically incorrect caustic-types, but the hope that makes you eager to lend support to the thesis that its op-ed pieces prove that it did little to no research before concluding that it can walk on water. In all fairness, linux will stop at nothing to leach integrity and honor from our souls. This may sound outrageous, but if it were fiction I would have thought of something more credible. As it stands, I challenge linux to point out any text in this letter that proposes that its expedients provide a liberating insight into life, the universe, and everything. It isn't there. There's neither a hint nor a suggestion of such a thing. I can guarantee the readers of this letter that if Fate desired that linux make a correct application of what it had read about parasitism, it would have to indicate title and page number, since the Pecksniffian, violent organization would otherwise never in all its existence find the correct place. But since Fate does not do this, linux is a faithful student of Sun Tzu, the ancient Chinese strategist who advocated demoralizing one's enemy as the highest art of warfare. Whatever weight we accord to that fact, we may be confident that I would be grateful if linux would take a little time from its rigorous schedule to improve the lot of humankind. Of course, pigs will grow wings and fly before that ever happens. While I agree with others' assessment that linux would rather talk about making changes than actually make them, still, I correctly predicted that linux would extinguish the voices of opposition. Alas, I didn't think it'd do that so effectively -- or so soon.

    Linux's callow newsgroup postings can be quite educational. By studying them, students can observe firsthand the consequences of having an organization consumed with paranoia, fear, hatred, and ignorance. Prudence is no vice. Cowardice -- especially linux's lethargic form of it -- is. Essentially, I want to make this clear, so that those who do not understand deeper messages embedded within sarcastic irony -- and you know who I'm referring to -- can process my point.

    Linux is so intolerantly devoted to its own prejudices that its perception of reality is thoroughly warped for a variety of reasons. For instance, it's linux's belief that my letters demonstrate a desire to concentrate all the wealth of the world into its own hands. I can't understand how anyone could go from anything I ever wrote to such an illaudable-to-the-core idea. In fact, my letters generally make the diametrically opposite claim, that I'm willing to accept that as linux feels less and less need to conceal its zingers, it makes increasingly open moves towards loathsome gnosticism. I'm even willing to accept that its representatives are the carrion birds of humanity. But it is not uncommon for it to victimize the innocent, penalize the victim for making any effort to defend himself, and then paint the whole repugnant affair as some great benefit to humanity. I am not in any way placing the blame on linux for boisterous wackos who pre

  4. Re:No ELF vulnerability eh? by Anonymous Coward · · Score: -1, Troll

    Someone should have a DROW with him:

    http://www.geocities.com/angiemtg/

  5. Re:The bug's author? by Anonymous Coward · · Score: -1, Troll

    Man, are you ever witty. Ripping on MS is so original.

    What do you define as a large portion anyway? MS employs 40,000+ people, many of which have nothing to do with actual code. I find it hard to believe that they write bugs.

    But that's fine. You keep on using your bug-free whatever it is that you use. If you're that naive to believe something is bug-free just because it's not from MS, perhaps you should take a cyanide breathmint.

    And please don't bother me with the fix cycle. I don't care how quickly other people patch bugs. You're the one that insinuated MS is the only group of people that write bugs.