Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20020527134737.A1648@openwall.com>
Date: Mon, 27 May 2002 13:47:37 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com
Cc: owl-users@...ts.openwall.com
Subject: Linux 2.2.21-ow1

Hi,

The Linux 2.2.21-ow1 kernel patch is out and a part of Owl-current.
Besides being an update to Linux 2.2.21, this version has the following
changes:

Access to /proc/sys is no longer restricted even when the "Restricted
/proc" option is enabled.  This is in order to not give a false sense
of security because the same information is also accessible via sysctl(2).
At the same time, access to /proc/tty/driver is restricted to root no
matter what the setting of "Restricted /proc" is.  This is because of
the old permissions being a security problem with the kernel itself
(please refer to the comment in the patch for more information).  Both
of these changes are consistent with the ones previously made in Linux
2.4.18-ow0.

The getcwd(2) instance of the d_path() truncation problem in the Linux
kernel pointed out by Wojciech Purczynski on public mailing lists is
fixed.  Perhaps Alan was just too busy to fix this for 2.2.21 official.

The fsuid/fsgid handling inconsistency discovered by Hao Chen where a
process could enter an illegal state where ruid=euid=suid!=0 and
fsuid=0 (and/or the same for fsgid) is now fixed with a back-port of
the fix from Linux 2.5.16+.

-- 
/sd

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.