[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Supexec/Super patch?

To: MiNT mailing list <mint@atari.archive.umich.edu>
Subject: Re: Supexec/Super patch?
From: Anthony Jacques <jacquesa@zetnet.co.uk>
Date: Fri, 29 Aug 1997 19:48:06 +0100

Hi

> what do you think, it is a reasonable idea to patch these functions to be
> root only and release a beta kernel to test with existing software?

Well I dont use a multiuser system so it doesn't really affect me, but I think
that it sounds sensible to me - However, if someone is telneting into a
machine they would not be able to use any progs that use super() unless
they were root - which could cause problems... it shouldn't be a big
patch (AIUI), so I try it and find out what impact it has. :)

> It would be nice if there were more security patches (if any more holes)
> to apply at once.

Well, it sounds like this deleting behaviour needs patching (I cannot
believe it is POSIX if /var/spool/mail is also affected), so that could be
done as well...

Are there any other known security holes?

> Btw. Linux betas have odd version numbers. What about the same for MiNT?

That'll confuse a lot of people - if they hear that MiNT 1.15 has been released
they'll go and download it not realising it is beta...

Anthony

Prev by Date: Re: MiNT security holes?
Next by Date: RE: News onthe kernel 1.14.x
Previous by thread: Supexec/Super patch?
Next by thread: RE: Supexec/Super patch?
Index(es):
- Date
- Thread