Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 27 May 2002 13:47:37 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com
Cc: owl-users@...ts.openwall.com
Subject: Linux 2.2.21-ow1

Hi,

The Linux 2.2.21-ow1 kernel patch is out and a part of Owl-current.
Besides being an update to Linux 2.2.21, this version has the following
changes:

Access to /proc/sys is no longer restricted even when the "Restricted
/proc" option is enabled.  This is in order to not give a false sense
of security because the same information is also accessible via sysctl(2).
At the same time, access to /proc/tty/driver is restricted to root no
matter what the setting of "Restricted /proc" is.  This is because of
the old permissions being a security problem with the kernel itself
(please refer to the comment in the patch for more information).  Both
of these changes are consistent with the ones previously made in Linux
2.4.18-ow0.

The getcwd(2) instance of the d_path() truncation problem in the Linux
kernel pointed out by Wojciech Purczynski on public mailing lists is
fixed.  Perhaps Alan was just too busy to fix this for 2.2.21 official.

The fsuid/fsgid handling inconsistency discovered by Hao Chen where a
process could enter an illegal state where ruid=euid=suid!=0 and
fsuid=0 (and/or the same for fsgid) is now fixed with a back-port of
the fix from Linux 2.5.16+.

-- 
/sd

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ