Re: Serious Linux 2.0.34 security problem

From: Alan Cox (alanat_private)
Date: Wed Jul 01 1998 - 09:07:15 PDT

Next message: Jackson Dodd: "1998 USENIX Annual Technical Conference - Call for Papers"

Previous message: Brian Martin: "RSI.0005.05-14-98.SUN.LIBNSL (w/ errata)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> >   fcntl(0,F_SETOWN,p);
> >   s = fcntl(0,F_GETFL,0);
> >   fcntl(0,F_SETFL,s|O_ASYNC);
> >   printf("Sending SIGIO - press enter.\n");
> >   getchar();
> >   fcntl(0,F_SETFL,s&~O_ASYNC);
> >   printf("SIGIO send attempted.\n");
> >   return 0;
> > }
>
> Well, that looks like one of the class of security problems described
> by www.openbsd.org/advisories/signals.  Hasn't anyone else fixed those
> problems yet?

Of course Theo if you actually bothered to look back at the Linux sources
you'd see thats an error that crept in and we had SIGIO right way before
the old advisories that predate OpenBSD.

Alan

Next message: Jackson Dodd: "1998 USENIX Annual Technical Conference - Call for Papers"
Previous message: Brian Martin: "RSI.0005.05-14-98.SUN.LIBNSL (w/ errata)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:01:35 PDT