FS#21510 : [kernel26] Disable CONFIG

FS#21510 - [kernel26] Disable CONFIG_RDS due to broken code

Attached to Project: Arch Linux
Opened by Marti (intgr) - Thursday, 28 October 2010, 16:13 GMT
Last edited by Tobias Powalowski (tpowa) - Monday, 01 November 2010, 18:48 GMT

Task Type	Bug Report
Category	Packages: Core
Status	Closed
Assigned To	Tobias Powalowski (tpowa) Thomas Bächler (brain0)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Marti (intgr) (2010-10-28)
Private	No

Details

Description:
A week ago, the RDS privilege escalation bug was reported in the Linux kernel: http://www.exploit-db.com/exploits/15285/
More recently, Linus has criticized the RDS code as "an unmitigated disaster from any standpoint" and said "I'd suggest disabling RDS in any sane setup": http://marc.info/?l=linux-netdev&m=128828004620906&w=2

Since the RDS module can be loaded by any unprivileged user on request (by creating RDS sockets), I think it's best to disable this code entirely. Besides, the only use case for RDS is HPC clusters and I don't think anyone is running unmodified Arch Linux kernels on those anyway.

Additional info:
* package version(s)
kernel26 2.6.36-1

Steps to reproduce:
% zgrep ^CONFIG_RDS /proc/config.gz
CONFIG_RDS=m
CONFIG_RDS_TCP=m

This task depends upon

Closed by Tobias Powalowski (tpowa)
Monday, 01 November 2010, 18:48 GMT
Reason for closing: Implemented

Comment by Tobias Powalowski (tpowa) - Sunday, 31 October 2010, 07:32 GMT

removed in 2.6.36-3 and 2.6.32.25-2

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#21510 - [kernel26] Disable CONFIG_RDS due to broken code

Details

Loading...