Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 20 Jul 2009 17:49:44 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable

I got to quit commenting on my own postings, here's the last one at
least for today, as I am obviously too tired.  I wrote:

> It occurred to me, from a few things I've seen/read lately, that RHEL 5
> must indeed already include a back-port of the mmap_min_addr feature,
> although somehow it is not in OpenVZ's patch-128.1.1.el5.028stab062.3
> (was added after the -128 revision?), which is why I am adding my own
> back-port of mmap_min_addr on top of that patch.

I had recalled incorrectly.  As Eugene reminded me off-list, the extra
patch I was actually referring to was about making the mmap_min_addr
support (already present in RHEL 5 kernels, including the revision
mentioned above) available independently of CONFIG_SECURITY.

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.