Security im Kernel 2.6.0
Verfasst: 21.12.2003 15:38:35
Habe was interessantes gefunden, was die Security des 2.6er angeht
you should be aware that the 2.6.0 must fix list still shows that many 2.4.x security fixes have not yet been forward ported to 2.6:
ftp://ftp.kernel.org/pub/linux/kernel/p ... -fix-7.txt
Scroll down to the bottom you'll see these two:
o alan: Forward port 2.4 fixes
- Chris Wright: Security fixes including execve holes, execve vs proc races
o There are about 60 or 70 security related checks that need doing
(copy_user etc) from Stanford tools.
Nur so als Information.
Drum würd ich den 2.6er nicht auf Server ziehen
PS: Diesen Text habe ich auf http://www.grsecurity.org gefunden
you should be aware that the 2.6.0 must fix list still shows that many 2.4.x security fixes have not yet been forward ported to 2.6:
ftp://ftp.kernel.org/pub/linux/kernel/p ... -fix-7.txt
Scroll down to the bottom you'll see these two:
o alan: Forward port 2.4 fixes
- Chris Wright: Security fixes including execve holes, execve vs proc races
o There are about 60 or 70 security related checks that need doing
(copy_user etc) from Stanford tools.
Nur so als Information.
Drum würd ich den 2.6er nicht auf Server ziehen
PS: Diesen Text habe ich auf http://www.grsecurity.org gefunden