On Friday 11 January 2002 17:51, Seth Arnold wrote: > On Fri, Jan 11, 2002 at 09:16:29AM -0800, Alan wrote: > > > New security vulnerability affects Linux. The "A Linux Intrusion > > > Detection System" security patch for the Linux kernel reportedly > > > creates a security vulnerability. Exploitation is easy and local users > > > may be able to gain unrestricted root privileges. (SecuriTeam.com, 10 > > > JAN 02) > > > > *Which* intrusion detection patch? That covers a number of projects. > > LIDS. Linux Intrusion Detection System. (The fun part is, last I > checked, they had ditched their IDS approach to provide something more > like traditional MAC. :) I should have looked at the acronym. Too much time away from "The Society for Creative Acronyms" I guess. > > That is like saying "A common Windows DLL may cause a problem". It does > > not tell you what you need to know. (I know. A bad example.) > > Yeah. Talk about poor project naming. :) Something appropriate though about having a security patch named after an obsolete unit of measure used in the drug trade. ]:>
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:38:22 PDT