On Thu, Nov 7, 2013 at 4:55 AM, Henrique de Moraes Holschuh <h...@hmh.eng.br> wrote: > On Tue, 05 Nov 2013, Andy Lutomirski wrote: >> Maybe the thing to do is to put a warning in the config text for >> CONFIG_OABI_COMPAT that describes the problems (malicious userspace >> can confuse syscall auditors, strace, etc.), change the "if in doubt" >> part to N, and disable seccomp filters if CONFIG_OABI_COMPAT. That >> might even get Debian to change their default. > > Bug reported to the Debian BTS: #728975 > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728975
FWIW, Ubuntu has also now disabled OABI_COMPAT going forward: https://lists.ubuntu.com/archives/kernel-team/2013-November/034242.html -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
