The stats on the computer are nice - a 166 MHz RISC processor with 64MB RAM and 8MB video. That seems like a lot for a car."
No it doesn't. Most ipaq handhelds have better stats than that.
Korea is leading in nearly all walks of a modern high tech life. But there may be downsides.
Living in Korea..
Just its not too bad if you like soccer.
Read the article before you make dumbass comments. They aren't mailing a box of them, they are delivering 1 million of them. That's 17 tons of aol cds.
it's the same guys.. did you read the linked article?
read the faq on the site. you can't return that class of bulk mail to the sender.
Sounds like next year might finally bring a worthy upgrade for my 486dx4-160
I love it when people who never used prepentium systems try to talk like they did.. Everyone knows that a dx4 ran at 100mhz.
That has nothing to do with video editing differences between stock macs and overclocked pentiums though.
I just built an overclocked P4 running at 3.06 Ghz in order to accomplish some video work that most people with stock Macs can do out of the box.
What does that prove? There isn't anything you can do with a 'stock' desktop mac out of the box that you couldn't do on a cheaper pc.
These are the same people who think having one common title bar that is shared by all people is a good thing and still refused to admit they were stupid to choose cooperative multitasking instead of preemptive multitasking. And let's not forget the whole mhz myth marketing scheme. I think you should take anything Apple tells you with a block of salt.
Just have to go to prison now I guess.. sorry.
Just what we need.. another reason for people to brag about how great gesture notation and tabbed browsing are.
I can see it now.. people spasmodically jerking their cell phones around trying to get gesture notation to work.
Read it over.. there aren't any obvious DMCA violations noted.
-- LEGALESE --
PLEASE READ FIRST.
Unfortunately the DMCA prevents this document being issued to US citizens.
This document is a copyrighted work. The authors choose to exercise their
first distribution rights to prohibit the distribution of this work in the
United States Of America, its dependencies, embassies and anywhere else
under US law.
Redistributing this document in the USA may be a criminal offence under the
Digital Millennium Copyright Act with punishment including jail sentences.
Attempting to test these holes in the USA, even with the permission of the
system owner may be an offence. Discussing this document with a US citizen
may be an offence.
This document is made available for free without warranty or other right of
recourse implied or otherwise. No statement save one in writing by the owner
of the copyright changes this usage agreement. Any export download is at your
own risk and liability.
There is no other user agreement, should your local law make such an
agreement invalid you are prohibited from using this document, and may be
committing an offence by redistributing it.
NO WARRANTY
BECAUSE THE DOCUMENT IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE DOCUMENT, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE DOCUMENT IS WITH YOU. SHOULD THE
DOCUMENT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE DOCUMENT AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE DOCUMENT (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE DOCUMENT TO OPERATE WITH ANY OTHER
DOCUMENTS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
-- END LEGALESE --
Security Holes Fixed In Linux 2.4.19
None of the holes documented here are remote. All these problems were
uncovered by auditing and there are no current exploits available. In
the interest of openness and ensuring people are aware of the security
fixes they are documented.
- If the Stradis driver is loaded (hardware must be present) a
maths overflow allowed the user to scribble into kernel memory
- It was possible to feed the SE401 USB hardware driver signed
values and fool kernel checks. This requires the hardware is
present
- The usbvideo driver could be fooled due to a maths overflow corner
case. This requires drivers to be present
- The /proc/slabinfo file could exceed a buffer size and cause
corruption of the kernel. This is really beyond user control but
if it occurs then the user can trigger the corruption
- By setting the TF flag a carefully constructed binary could hang
the kernel dead
- By misusing the rlimit resource limits it was possible to avoid
acct data being written on your process exit
- The joystick driver had erroneous copies in obscure ioctl cases
that could be used to patch the kernel as any user. Hardware
must be present and the module loaded for this vulnerability
to occur
- Multiple errors in the vm86 handling allowed users to force an
"Oops" from the kernel and in some cases to corrupt kernel data.
An additional small fix is needed for 2.4.19 but not 2.4.19-ac
(see bottom)
- The rt_cache_proc file could be tricked into returning chunks of
kernel data.
- On a system with over 1Gb of RAM the loop driver could in some
cases fail and expose kernel data. This is not under user control.
On 2.4.19 the loop driver works fine with large memory systems.
- Multiple /proc files could be persuaded to dump kernel data
due to a sanity checking bug in the proc file handlers
- The XMM SSE registers were not always cleared for new processes
and could expose data from a different task. While it was not
possible to modify another task's registers there is a small risk
because some cryptographic systems have XMM acceleration functions
We also fixed problems that required privileges to exploit. These affected
the IBM S/390 dasd driver, Openprom on Sparc systems, the Intermezzo file
system, the ewrk3 network driver, module loading, the microcode driver and
vm86. We document these in the interest of completeness.
Finally on a -ac based tree with PnPBIOS enabled a problem existed in some
quite common BIOS implementations that causes a crash when certain 32bit
BIOS calls are made. This allowed users to crash some systems by reading
files in /proc. These files are now root private. The base tree is not
affected as it lacks PnPBIOS support
Credits
The authors would like to thank Silvio Cesare, Stas Sergeev, Andi Kleen,
Alan Cox, Solar Designer, and many others for their work on making 2.4.19 a
more secure kernel.
-- Additional Required Patch --
diff -u --new-file --recursive --exclude-from /usr/src/exclude linux.20pre1/arch/i386/kernel/traps.c linux.20pre1-ac1/arch/i386/kernel/traps.c
--- linux.20pre1/arch/i386/kernel/traps.c 2002-08-06 15:40:50.000000000 +0100
+++ linux.20pre1-ac1/arch/i386/kernel/traps.c 2002-08-06 15:42:19.000000000 +0100
@@ -305,8 +319,13 @@
static void inline do_trap(int trapnr, int signr, char *str, int vm86,
struct pt_regs * regs, long error_code, siginfo_t *info)
{
- if (vm86 && regs->eflags & VM_MASK)
- goto vm86_trap;
+ if (regs->eflags & VM_MASK) {
+ if (vm86)
+ goto vm86_trap;
+ else
+ goto trap_signal;
+ }
+
if (!(regs->xcs & 3))
goto kernel_trap;
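Review bot: in do_trap(), the new `else goto trap_signal;` branch sends every VM_MASK frame with vm86 == 0 to a label that is not visible in this hunk, so nothing here shows that trap_signal is safe to enter ahead of the `!(regs->xcs & 3)` test. A frame with VM_MASK set was interrupted in virtual-8086 mode, where the saved xcs is a real-mode segment value with arbitrary low bits, so it must never be classified by that test; a one-line comment above the block saying so would make the intent reviewable. The `else` after `goto vm86_trap;` is redundant and can be dropped.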
@@ -514,10 +533,15 @@
{
unsigned int condition;
struct task_struct *tsk = current;
+ unsigned long eip = regs->eip;
siginfo_t info;
__asm__ __volatile__("movl %%db6,%0" : "=r" (condition));
+
+ if ((eip >=PAGE_OFFSET) && (regs->eflags & TF_MASK))
+ goto clear_TF;
+
if (condition & (DR_TRAP0|DR_TRAP1|DR_TRAP2|DR_TRAP3)) {
if (!tsk->thread.debugreg[7])
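Review bot: in do_debug(), the early `goto clear_TF` is taken on eip and TF_MASK alone, after db6 has been read into `condition` but before the DR_TRAP0..3 handling, so a breakpoint hit reported in the same db6 value is skipped on this path; clear_TF is outside the visible context, so confirm that is intended. `eip` is used only once and could be `regs->eip` directly, and `>=PAGE_OFFSET` needs a space after the operator.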
What?? If he's not present then how does that show his guilt?
Because otherwise there would be no incentive for people to show up to court.. They'd just be like 'ah screw it I know I'm innocent.. forget that..' so instead, if you don't show up, they just put in a verdict against you and then put out a warrant for your arrest.
Anyway.. in this case, there is obviously some kind of paper work they can file or something to have the trial date reassigned until they can be present.
That's great.. how did you find that?
Who would have thought RMS would be against software you have to pay for?
I'm sure they'll spin the 64-bit thing as being 'better' just like they've convinced their loyal followers that the mhz-myth makes an 800mhz G4 perform like a 2+ Mhz Athlon or Intel processor. By the time they even finish developing this 1.8ghz chip, those of us using 32bit chips will be chugging along at 4ghz or so and waiting for the 5ghz on the horizon.
Biggest downside:
Doesn't support USB.
That's not quite correct considering that my usb input devices work fine under beos without any added configuration. It might not have supported every usb device, but basic ones were supported.
BeOS's boot loader was called bootman, and was usually installed in the MBR. Far easier than LILO to set up. Run bootman, select the partitions you want to show up in the boot menu, give them labels, choose a default, and click OK. Couldn't be easier.
I agree, bootman is the easiest bootloader I've ever seen although I have heard that underneath it's just lilo, the gui makes it simple to use. I even use it on systems that don't have beos installed.. Just boot up a cd which has a working beos image on it instead of an installer and you can run bootman and have your booting preferences setup with no problems.
My major clue is that the install process seems to still require the making of a 1.44" boot floppy. That is, if you want to run it by itself, outside of another OS.
Nice troll, but if that's the only clue you have, you better keep looking as it's extremely easy to make a bootable cd from the free version assuming you know how to use cd burning software, and the pay version comes on bootable cds and has boot floppies for the small minority that don't have bootable cdrom drives.
The only problem was that there never was a good browser, since there was no might like IBM's to get Netscape to port over to the OS
When you don't know what you are talking about, it's generally better to just not say anything at all.. but oh well.. I see someone has already modded you as the troll you are so no harm done.
somehow $580 for a styrofoam helicopter that runs for 3 minutes unless it's got a wired connection just doesn't seem like that good of a deal..
Nobel Prizes for Physics Awarded to Smart People
It's about time the dumb people of the world stood up and fought against this discrimination. It's 2002, and we are still just giving Nobel Prizes to smart people. We need to send a message that we will no longer stand for this inequality.
it does this thing where it internally restarts itself (guessing, since it drops down to a meg of ram, then loads up to 6 megs with ~15 websites loaded). IE never does anything like this.
No, mozilla has nothing to do with it.. the os pages unused programs out when they aren't doing stuff.. the same thing happens with IE.
On Linux, Mozilla doesn't do this because the Window managers don't have any standard hinting for min/max/restore (good in some ways [the WM should manage stateful window positions/size], bad in others [apps can't hook it when they need to]).
No.
I'm glad that I'm done with school now.. It would suck to be the kid these days having to learn about all these new planets found in our solar system. And why do all these new planets have such crazy names? Won't somebody think of the children?
Sound reasoning that most everyone can understand!
Except it's not, and it also doesn't address any of the initial points of the post that it's replying to..
If you drive on a toll road, you are physically degrading it somewhat and your toll goes to pay for it.. if you copy software that you wouldn't have bought anyway, you aren't costing the company anything..