Matthew Miller wrote:
On Mon, Feb 11, 2008 at 04:26:57PM -0500, Ross S. W. Walker wrote:
Problem with Debian patch is it may conflict with some of the RH backports, but if it works why not submit it to CentOS team for testing as I hear the RH current workaround has issues with GPFs.
I think that's with the powertech.no "ptpatch2008" kernel module which tries to patch the problem in your existing kernel -- not with the actual fix.
Ah, ok, I feel a little better about it then. The reports weren't specific about which patch was used and I assumed it was the patch on bugzilla.
I personnally run my systems behind the firewall, but I suppose anybody who has CentOS/RHEL 5 that is Internet facing would worry a little bit more.
Do you ever use network-accessing applications which might have bugs?
Yes, but always through transparent proxies which scan all traffic.
BTW aren't we all using network-accessing applications which might have bugs all the time? I would say every application we use has bugs, how big or small they are is as yet to be seen, so I trust NOTHING.
I wonder if any existing user-land utilities have hooks into vmsplice that may be able to be accessed via PHP, Perl, or CGI?
It's a system call.
Yes, but conceivable an application can make use of such a system call since it is exploitable from user land and hence the concern.
-Ross
______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.