lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 23 Feb 2008 20:40:05 +0100 From: Miklos Szeredi <miklos@...redi.hu> To: akpm@...ux-foundation.org CC: greg@...ah.com, miklos@...redi.hu, linux-kernel@...r.kernel.org, stable@...nel.org Subject: Re: [stable] [patch] fuse: fix permission checking > > On Sat, Feb 23, 2008 at 10:38:59AM +0100, Miklos Szeredi wrote: > > > > On Fri, Feb 15, 2008 at 11:23:47AM +0100, Miklos Szeredi wrote: > > > > > This is for 2.6.25 and 2.6.24.y, but NOT for 2.6.23.y. > > > > > > > > > > Thanks, > > > > > Miklos > > > > > ---- > > > > > > > > > > From: Miklos Szeredi <mszeredi@...e.cz> > > > > > > > > > > I added a nasty local variable shadowing bug to fuse in 2.6.24, with > > > > > the result, that the 'default_permissions' mount option is basically > > > > > ignored. > > > > > > > > When this goes into Linus's tree, can you let us know along with the git > > > > commit id? > > > > > > I'd really like to see this in 2.6.24.3. How much time is left? > > > Should I bypass Andrew and submit to Linus ASAP? > > > > There will be a .24.4 soon afterward (week or so), so don't feel like > > you have to rush. Unless this is some kind of security issue? > > > > I'll be sending a bunch of fixes to Linus this weekend, including this patch. Thanks. Yes, this could have security implications, so the earlier, the better. Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists