On Tue, 2004-12-28 at 22:15, Lee Revell wrote:
On Tue, 2004-12-28 at 21:51 -0800, Fernando Lopez-Lezcano wrote:
On Tue, 2004-12-28 at 13:35, Lee Revell wrote:
On Tue, 2004-12-28 at 13:17 -0800, Fernando Lopez-Lezcano wrote:
On Tue, 2004-12-28 at 12:28, Lee Revell wrote:
> On Mon, 2004-12-27 at 14:41 +0100, Frank Barknecht wrote:
> > Read on here:
> > http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-12/0390.h…
>
> Wow, this is a HORRIBLE bug.
Indeed. I tried it and it works. Someone should have been pointing a
camera at me to capture the "moment" :-) Spent the better part of
yesterday building new Planet CCRMA kernels without this "feature".
Yes, fortunately realtime-lsm does not depend on the capability module.
Still, I would expect that many audio users load it out of confusion.
At least in FC3 the capability module is not a module, it is built into
the kernel. Thus the problem: the realtime lsm does not work (tried it)
if capability is built into the kernel. Apparently the two modules can't
be stacked; it is one or the other. So, any low latency kernel that
wants to use realtime lsm is, I think, going to be affected.
No, the capability module that is referred to in the advisory is the
POSIX capabilities module. I have this configured as a module on my
system, but never load it and realtime-lsm does not depend on it.
realtime-lsm only depends on the "commoncap" module.
> So, any low latency kernel that
> wants to use realtime lsm is, I think, going to be affected.
Why I think this is a yes. Any kernel that wants to use the realtime-lsm
will have to either not build the POSIX capabilities lsm, or build it as
a module. In the latter case the system will be vulnerable. The
realtime-lsm does not depend on the POSIX capabilities lsm but it forces
you to build it as a module, exposing the vulnerability, which maybe I
misunderstood as not being present if you build with the POSIX lsm into
the kernel (as opposed to building it as a module).
I do understand that loading the realtime lsm only does not create a
vulnerability (other than well known possibilities of DOS attacks by
mean linux audio users :-)
-- Fernando