[19299] in bugtraq
security patch for 2.4.1 kernel
daemon@ATHENA.MIT.EDU (spender)
Tue Feb 20 14:08:57 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id: <20010219210521.A6551@linux.salisburymd.org>
Date: Mon, 19 Feb 2001 21:05:21 -0500
Reply-To: spender <spender@LINUX.SALISBURYMD.ORG>
From: spender <spender@LINUX.SALISBURYMD.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
hi, i've just finished work on a security patch for the 2.4.1 linux kernel.
it's mainly a port of some of the features from solar designer's openwall
patch for 2.2, so credit goes to him for most of the original code. I've
added the feature that is similar to openbsd which only allows users in group
10(wheel) to setuid() to another user. it logs any failed attempts. The
patch so far is in beta stage, it hasn't been thoroughly tested yet, so
i'd like to hear your input, what worked, what didn't (if it worked at all),
and what you'd like to see added to it. you can download the patch off
http://www.getrewted.net in the downloads section. thanks.
-spender
