No, it's a priveledged-only memory corruption:
Absolutely.
Guys, what's the status here?
afaict Manfred has identified an available-to-unprivileged-apps kernel
memory corrupter? If so, we should fix it asap for 2.6.25. And for
2.6.24.x if it's also present there.
int unshare_nsproxy_namespaces(unsigned long unshare_flags,
struct nsproxy **new_nsp, struct fs_struct *new_fs)
{
int err = 0;
[snip]
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
Manfred's patch doesn't come close to applying against the 2.6.26 IPCWhere can I find the queued changes? Are they in -mm?
things which we have queued but that's OK - bugfixes come first.