Re: [NFS] [SECURITY] Re: NFSv3 for Linux 2.2.14: new release

• Next message: Jesse Pollard: "Re: what signal is used when overcommit occurs?"
• Previous message: Rik van Riel: "Re: memory handling in pre5/pre6"
• In reply to: Chris Evans: "Re: [NFS] [SECURITY] Re: NFSv3 for Linux 2.2.14: new release"
• Next in thread: Dave Higgen: "Re: new release"
• Reply: Dave Higgen: "Re: new release"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> " " == Chris Evans <chris@ferret.lmh.ox.ac.uk> writes:

>> Serious security flaw? Well... That particular code is only
>> meant to be used for mounting the NFSROOT partition, so if you
>> receive an illegal file handle, your client isn't going to boot
>> whether or not the memcpy messes up.

> Oh OK, sorry. I thought it was a more general routine. Still,
> it illustrates something the rest of the NFS code has to be
> careful about.

Agreed, and thanks for bringing it to my attention.

It also drew my attention to another bug in the same code which was
recently fixed in the 2.3.99 series, but which I'd forgotten to
backport to 2.2.14.

I've put out a version 0.20.10 containing both fixes on
  http://www.fys.uio.no/~trondmy/src/linux-2.2.14-nfsv3-0.20.10.dif.bz2

Cheers,
  Trond

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Jesse Pollard: "Re: what signal is used when overcommit occurs?"
• Previous message: Rik van Riel: "Re: memory handling in pre5/pre6"
• In reply to: Chris Evans: "Re: [NFS] [SECURITY] Re: NFSv3 for Linux 2.2.14: new release"
• Next in thread: Dave Higgen: "Re: new release"
• Reply: Dave Higgen: "Re: new release"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Apr 23 2000 - 21:00:17 EST