I was actually working with the 0.8.5 tarball outside of the kernel.
There doesn't seem to be any problem with SECURITY_CAPABILITIES=n when
using the realtime-lsm 2.6.10 patch. (Again, I built but didn't reboot
to test)
On Thu, 30 Dec 2004 at 10:20 -0600, Jack O'Quin wrote:
> Hans Fugal <[EMAIL PR
Hans Fugal <[EMAIL PROTECTED]> writes:
> On Wed, 29 Dec 2004 at 11:07 +0100, Frank Barknecht wrote:
>> Hallo,
>> Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
>>
>> > Why I think this is a yes. Any kernel that wants to use the realtime-lsm
>> > will have to either not build
On Wed, 29 Dec 2004 at 11:07 +0100, Frank Barknecht wrote:
> Hallo,
> Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
>
> > Why I think this is a yes. Any kernel that wants to use the realtime-lsm
> > will have to either not build the POSIX capabilities lsm, or build it as
> >
Fernando Lopez-Lezcano <[EMAIL PROTECTED]> writes:
> I don't understand the technical details. I did try this last week but
> it does not work, you can either have the POSIX lsm or the realtime lsm
> subscribed as a secondary module (whatever that is), but not both at the
> same time. Apparently (
On Wed, 2004-12-29 at 10:54 -0800, Fernando Lopez-Lezcano wrote:
> On Wed, 2004-12-29 at 02:07, Frank Barknecht wrote:
> > Hallo,
> > Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
> >
> > > Why I think this is a yes. Any kernel that wants to use the realtime-lsm
> > > will ha
On Wed, 2004-12-29 at 02:07, Frank Barknecht wrote:
> Hallo,
> Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
>
> > Why I think this is a yes. Any kernel that wants to use the realtime-lsm
> > will have to either not build the POSIX capabilities lsm, or build it as
> > a modul
On Wed, 2004-12-29 at 04:21 -0500, Lee Revell wrote:
> On Tue, 2004-12-28 at 23:36 -0800, Fernando Lopez-Lezcano wrote:
> > Any kernel that wants to use the realtime-lsm
> > will have to either not build the POSIX capabilities lsm, or build it as
> > a module. In the later case the system will be v
Hallo,
Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
> Why I think this is a yes. Any kernel that wants to use the realtime-lsm
> will have to either not build the POSIX capabilities lsm, or build it as
> a module. In the later case the system will be vulnerable. The
> realti
On Tue, 2004-12-28 at 23:36 -0800, Fernando Lopez-Lezcano wrote:
> Any kernel that wants to use the realtime-lsm
> will have to either not build the POSIX capabilities lsm, or build it as
> a module. In the later case the system will be vulnerable. The
> realtime-lsm does not depend on the POSIX ca
On Tue, 2004-12-28 at 22:15, Lee Revell wrote:
> On Tue, 2004-12-28 at 21:51 -0800, Fernando Lopez-Lezcano wrote:
> > On Tue, 2004-12-28 at 13:35, Lee Revell wrote:
> > > On Tue, 2004-12-28 at 13:17 -0800, Fernando Lopez-Lezcano wrote:
> > > > On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > > >
On Tue, 2004-12-28 at 21:51 -0800, Fernando Lopez-Lezcano wrote:
> On Tue, 2004-12-28 at 13:35, Lee Revell wrote:
> > On Tue, 2004-12-28 at 13:17 -0800, Fernando Lopez-Lezcano wrote:
> > > On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > > > On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrot
On Tue, 2004-12-28 at 13:35, Lee Revell wrote:
> On Tue, 2004-12-28 at 13:17 -0800, Fernando Lopez-Lezcano wrote:
> > On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > > On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > > > Read on here:
> > > > http://www.derkeiler.com/Mailing-Lists/s
On Tue, 2004-12-28 at 22:36 +0100, Frank Barknecht wrote:
> Hallo,
> Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
>
> > On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > > On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > > > Read on here:
> > > > http://www.der
Hallo,
Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
> On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > > Read on here:
> > > http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.html
> >
>
On Tue, 2004-12-28 at 13:17 -0800, Fernando Lopez-Lezcano wrote:
> On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > > Read on here:
> > > http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.html
> >
> > Wow, this
On Tue, 2004-12-28 at 13:17 -0800, Fernando Lopez-Lezcano wrote:
> On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > > Read on here:
> > > http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.html
> >
> > Wow, this
On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > Read on here:
> > http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.html
>
> Wow, this is a HORRIBLE bug.
Indeed. I tried it and it works. Someone should have bee
On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> Read on here:
> http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.html
Wow, this is a HORRIBLE bug.
Lee
Hi,
careful with the linux security module: As reported on Bugtraq,
there's a vulnerability when loading LSM as a module instead of
compiling it into the kernel:
"When POSIX Capability LSM module isn't compiled into kernel, after
inserting Capability module into kernel, all existed normal users
p
19 matches
Mail list logo
