Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 27 May 2002 13:47:37 +0400
From: Solar Designer <>
Subject: Linux 2.2.21-ow1


The Linux 2.2.21-ow1 kernel patch is out and a part of Owl-current.
Besides being an update to Linux 2.2.21, this version has the following

Access to /proc/sys is no longer restricted even when the "Restricted
/proc" option is enabled.  This is in order to not give a false sense
of security because the same information is also accessible via sysctl(2).
At the same time, access to /proc/tty/driver is restricted to root no
matter what the setting of "Restricted /proc" is.  This is because of
the old permissions being a security problem with the kernel itself
(please refer to the comment in the patch for more information).  Both
of these changes are consistent with the ones previously made in Linux

The getcwd(2) instance of the d_path() truncation problem in the Linux
kernel pointed out by Wojciech Purczynski on public mailing lists is
fixed.  Perhaps Alan was just too busy to fix this for 2.2.21 official.

The fsuid/fsgid handling inconsistency discovered by Hao Chen where a
process could enter an illegal state where ruid=euid=suid!=0 and
fsuid=0 (and/or the same for fsgid) is now fixed with a back-port of
the fix from Linux 2.5.16+.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.