On 05/17/2013 05:49 PM, Jasen Betts wrote:
> On 2013-05-17, crankypuss <crank...@nomail.invalid> wrote:
>> On 05/17/2013 10:45 AM, J G Miller wrote:
>>>
>>> If your 2.6.37 to 3.8.8 kernel is compiled with CONFIG_PERF_EVENTS,
>>> then you really, really need to take a look at this article.
>>>
>>> <
http://arstechnica.COM/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/>
>>>
>>> The criticism of the Linux kernel developers continuing policy of not
>>> publicising critical security fixes is also worth reading.
>>>
>>
>> Okay, I looked at the words, but I'm not sure I understood what I read.
>>
>> What are the privileged accounts they're talking about, are those
>> "sodoers" or something else?
>
> It's basically about "getting root" by tricking the kernel.
>
I saw the part about some bozo not checking buffer extents. Thought it
had something to do with "privileged users". <shrug>