[linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation

Fernando Lopez-Lezcano nando at ccrma.Stanford.EDU
Wed Dec 29 05:51:25 UTC 2004


On Tue, 2004-12-28 at 13:35, Lee Revell wrote:
> On Tue, 2004-12-28 at 13:17 -0800, Fernando Lopez-Lezcano wrote:
> > On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> > > On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > > > Read on here:
> > > > http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.html
> > > 
> > > Wow, this is a HORRIBLE bug.
> > 
> > Indeed. I tried it and it works. Someone should have been pointing a
> > camera at me to capture the "moment" :-) Spent the better part of
> > yesterday building new Planet CCRMA kernels without this "feature".
> 
> Yes, fortunately realtime-lsm does not depend on the capability module.
> Still, I would expect that many audio users load it out of confusion.

At least in FC3 the capability module is not a module, it is built into
the kernel. Thus the problem: the realtime lsm does not work (tried it)
if capability is built into the kernel. Apparently the two modules can't
be stacked; it is one or the other. So, any low latency kernel that
wants to use realtime lsm is, I think, going to be affected.

-- Fernando