At 01:09 AM 12/2/03 -0800, Eric Cordian wrote:
As reported today on Slashdot, in linux kernels prior to 2.4.23, it is
possible to map the kernel into user space with brk(), since apparently no
one ever bothered to check that the argument passed was in the lower 3 gig
of the address space.
Eric Cordian wrote:
An interesting occurrence, because it demonstrates that massive numbers of
open source participants auditing the code aren't sufficient to ferret out
every giant coding blunder.
I've heard that argument before (last time I heard it was a problem with
a PGP
As reported today on Slashdot, in linux kernels prior to 2.4.23, it is
possible to map the kernel into user space with brk(), since apparently no
one ever bothered to check that the argument passed was in the lower 3 gig
of the address space.
This is almost as funny as early linux kernels in
On Tue, Dec 02, 2003 at 01:09:31AM -0800, Eric Cordian wrote:
An interesting occurrence, because it demonstrates that massive numbers of
open source participants auditing the code aren't sufficient to ferret out
every giant coding blunder.
I don't know that I'd call it auditing exactly; to my
At 1:09 AM -0800 12/2/03, Eric Cordian wrote:
As reported today on Slashdot, in linux kernels prior to 2.4.23, it is
possible to map the kernel into user space with brk(), since apparently no
one ever bothered to check that the argument passed was in the lower 3 gig
of the address space.
Rule 1:
Eric Tully writes:
I've heard that argument before (last time I heard it was a problem with
a PGP implementation) and I never understand what people are trying to
prove when they say it.
Let me simplify. I found it startling that a Redmond-level bug was in a
mature open-source project, the