cvs commit: src/sys/kern vfs_subr.c src/sys/fs/devfs
devfs_vnops.c
Simon L. Nielsen
simon at FreeBSD.org
Thu Nov 10 13:16:27 GMT 2005
On 2005.11.10 14:04:06 +0100, Gordon Bergling wrote:
> Hi,
>
> * Thus spake Doug White (dwhite at FreeBSD.org):
> > dwhite 2005-11-09 22:03:50 UTC
> >
> > FreeBSD src repository
> >
> > Modified files:
> > sys/kern vfs_subr.c
> > sys/fs/devfs devfs_vnops.c
> > Log:
> > This is a workaround for a complicated issue involving VFS cookies and devfs.
> > The PR and patch have the details. The ultimate fix requires architectural
> > changes and clarifications to the VFS API, but this will prevent the system
> > from panicking when someone does "ls /dev" while running in a shell under the
> > linuxulator.
> >
> > This issue affects HEAD and RELENG_6 only.
> >
> > PR: 88249
> > Submitted by: "Devon H. O'Dell" <dodell at ixsystems.com>
> > MFC after: 3 days
> >
> > Revision Changes Path
> > 1.128 +24 -0 src/sys/fs/devfs/devfs_vnops.c
> > 1.652 +4 -0 src/sys/kern/vfs_subr.c
>
> Could this be MFC'ed to RELENG_6_0, too? I think its also a security
> risk on shell servers, where linux emulation is installed and the server
> runs 6.0-RELEASE.
How is it a security risk? Because local users can panic the system
or are there more significant risks?
Note: We do not issue Security Advisories for local DoS
vulnerabilities, but it could be MFC'ed as an errata, but it requires
that the change has been in RELENG_6 for a while before that can be
done.
--
Simon L. Nielsen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20051110/af4285ba/attachment.bin
More information about the cvs-src
mailing list