Re: panic

From: Russell Coker (russellat_private)
Date: Thu Jan 24 2002 - 18:06:17 PST

  • Next message: jmjonesat_private: "Re: Legitimate Question"

    On Fri, 25 Jan 2002 07:36, jmjonesat_private wrote:
    > Could your problem with SUDO be related to assumptions by the
    > authors of SUDO with regard to you system?  A patched kernel using
    > a module that further restricts access may violate the tests/assumptions
    > of any userspace application, especially the idea of setuid root, might it
    > not?
    
    An application running as non-root on a bug-free kernel will never cause a 
    panic no matter what it does.
    
    An application running as root can cause a panic by modifying block devices 
    that are mounted, by doing an insmod type operation with something that's not 
    a valid bug-free module which matches the kernel version, or by many other 
    strange things.
    
    Sudo does not try to load modules, modify block devices, or do anything else 
    that has potential for danger.  So (barring catestrophic bugs in sudo or 
    minor bugs that are actively being exploited) it won't do anything that can 
    justifyably cause a panic.
    
    Therefore the panic indicates a bug in the kernel (or hardware failure), pure 
    and simple.
    
    Please try out SE Linux, then you'll know what we're talking about here.
    
    -- 
    http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
    http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
    http://www.coker.com.au/projects.html Projects I am working on
    http://www.coker.com.au/~russell/     My home page
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Jan 24 2002 - 22:04:24 PST