[Full-disclosure] Re: Linux kernel source archive vulnerable
- From: Joe Feise <jfeise@xxxxxxxxx>
- Date: Mon, 11 Sep 2006 17:28:43 -0700
coderpunk writes:
The standard recommendation is to never compile
the kernel as root.
Which obviously doesn't help you when a non-root user edits the
kernel, you compile it as 'jerry' but still have to install it as
'root'. You're still hosed.
Geez, of course not. Unpacking the kernel as non-root honors umask.
Problem solved.
It would help to 'info tar' before posting...
-Joe
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- [Full-disclosure] Re: Linux kernel source archive vulnerable
- From: coderpunk
- [Full-disclosure] Re: Linux kernel source archive vulnerable
- References:
- [Full-disclosure] Linux kernel source archive vulnerable
- From: Hadmut Danisch
- [Full-disclosure] Re: Linux kernel source archive vulnerable
- From: Gerald (Jerry) Carter
- [Full-disclosure] Re: Linux kernel source archive vulnerable
- From: coderpunk
- [Full-disclosure] Linux kernel source archive vulnerable
- Prev by Date: [Full-disclosure] vCAP calendar server Multiple vulnerabilities
- Next by Date: Re: [Full-disclosure] Re: RSA SecurID SID800 Token vulnerable by design
- Previous by thread: [Full-disclosure] Re: Linux kernel source archive vulnerable
- Next by thread: [Full-disclosure] Re: Linux kernel source archive vulnerable
- Index(es):
Relevant Pages
|
