On 08/01/2011 02:08 PM, Andi Kleen wrote:
For 2.6.38, and Andi's 2.6.35 which has the potential for an
unprivileged process to trigger an oops, it seems irresponsible to me to
not include this change. People who exploit kernel flaws seem good at
taking random Oops's and converting them into methods for privilege
escalation.
I'll ship 2.6.25.14 without the patch, but can you guys please come to a
conclusion whether the patch is useful or not. I'll reconsider it for .15.
Thanks,
-Andi
I'd go with Eric's assessment. He knows way more about this then I do. I
am much less confident that the problem Ubuntu experienced with 2.6.35
was related, it only felt the same (similar network issues).
rtg
--
Tim Gardner [email protected]
_______________________________________________
stable mailing list
[email protected]
http://linux.kernel.org/mailman/listinfo/stable
