| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 30 Jun 2007 11:04:05 +0100 From: Alan Cox <alan@...rguk.ukuu.org.uk> To: Alan Curry <pacman@...World.com> Cc: linux-kernel@...r.kernel.org Subject: Re: tty O_NONBLOCK spooky action at a distance On Sat, 30 Jun 2007 03:35:07 -0400 (EDT) Alan Curry <pacman@...World.com> wrote: > Short version: writing to a tty with O_NONBLOCK will block if there is > another, unrelated process already blocking inside a write() to the same tty. I sent Linus patches to fix this minor DoS flaw some time ago. I've no idea why they still didn't make the base kernel. They are however in the -mm tree and I'm suprised vendors haven't picked them up. I'll push them again for 2.6.23-rc1 if Andrew doesn't do it himself. In general currently I'd strongly recommend the -mm tree. It is the only kernel which has revoke() support - which is needed to deal with all sorts of interesting abuses on any system with multiple console users (SELinux may also save you here). It's also got a lot of ATA layer fixes so is much more reliable with SATA or with libata PATA at the moment. Of course the fact it has all the cool stuff means it may also have more bugs but you can't have everything. Alan - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists