Re: again security proposal

Martin von Loewis (martin@mira.isdn.cs.tu-berlin.de)
Thu, 1 Jan 1998 17:37:43 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: linux kernel account: "Re: Filesystem optimization.."
Previous message: Martin von Loewis: "Re: linux-nfs-0.4.21 for Alpha glibc"

> I happen to find this extreme conservatism disturbing. Solaris has
> beaten Linux to the stack-exec fix, even though the Linux patch was
> available long ago! I'd say they took the Linux idea and just used it.
> Innovation must die, right? This is sick.

I still believe that true innovation succeeds in the Linux world. It
is only that there is no true innovation in that particular patch.

As for Solaris copying the idea: They actually do the mistake which we
could avoid so far. They have dozens of s-bit programs that are known
to support stack-exec exploits. Are they fixing those? No. Instead,
they offer a supposed catch-all solution, and now wait for somebody to
find the remaining back door. I'm pretty sure there still is one.

Regards,
Martin

Next message: linux kernel account: "Re: Filesystem optimization.."
Previous message: Martin von Loewis: "Re: linux-nfs-0.4.21 for Alpha glibc"