=== asac_ is now known as asac === imbrandon_ is now known as imbrandon [07:39] What is the function of kacpid? It seems not to be documented in the kernel documentation. [08:56] It's the kernel thread that handles acpi events === \sh_away is now known as \sh [11:59] mjg59: Thank xou very much for informing. === \sh is now known as \sh_away [12:09] the vmsplice-exploit is for 2.6.17-2.6.24, and verified working on 7.10 [12:11] http://blog.bofh.it/id_131 [12:11] that's a workaround for now [12:15] tach zusammen [13:33] I suppose that everybody is aware of http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953 ? [13:33] Debian bug 464953 in linux-2.6 "linux-2.6: mmap() local root exploit" [Critical,Open] [18:42] hello, terribly sorry to bother you but is there any eta on fix for http://bugzilla.kernel.org/show_bug.cgi?id=9924 ? [18:42] bugzilla.kernel.org bug 9924 in Other "Two vmsplice local root exploits" [High,New] [19:43] moin === Traxer is now known as Traxer|on === Traxer|on is now known as Traxer [22:02] http://it.slashdot.org/it/08/02/10/2011257.shtml [22:04] wow. slashdot is really quick on the uptake [22:04] that sounds so ironic ;) [22:04] hi laga btw. [22:04] it was sarcasm, actually :) [22:04] hi kraut [22:05] kraut: if you have a 32 bit system and you cannot reboot it, you can load this module to block both exploits: http://www.linux.it/~md/software/novmsplice.tgz [22:05] http://it.slashdot.org/comments.pl?sid=448542&cid=22372790 [22:06] there's an exploit which blocks the exploit :) [22:07] lol [22:08] i've just read the comments on slashdot [22:08] * laga removes eyes from head with a spoon [22:45] hey guys [22:46] hi [22:46] any eta for the local root exploit bug fix? [22:46] i'm building unofficial kernel packages for 7.10 [22:47] i'm really interested in official stuff [22:47] do you have the fix documented? [22:47] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=712a30e63c8066ed84385b12edbfb804f49cbc44 [22:49] is that it [22:49] sad, isn't it? :) [22:50] yes [22:50] very [22:50] what a bad rep we'll get [22:50] ;) [22:50] ah, mistakes happen [22:50] indeed [22:50] at least we have a fix [22:51] ivoks have you tried the workaround script? [22:51] the one that adds the RET to the vmsplice memory location? [22:51] no [22:51] oh [22:51] ko [22:51] you have a link? [22:51] yes [22:52] http://www.ping.uio.no/~mortehu/disable-vmsplice-if-exploitable.c [22:52] see if it seems reasonable [22:52] ivoks: from backscroll, didn't you say it doesn't affect gutsy/i386? [22:52] crimsun: yeah, i did [22:52] this is new exploit [22:52] and this one works [22:52] oh, 3 not 2. [22:53] right, 3 doesn't work on gutsy [22:53] thank goodness I'm still running 2.2.26! [22:53] 3? [22:53] 2? [22:54] http://www.milw0rm.com/exploits/5092 [22:54] http://www.milw0rm.com/exploits/5093 [22:54] oh dear [22:54] is the fix the same for both? [22:55] i do hope so... :) [22:55] can't wait till the official fix is released [22:55] i have only one problematic server... [22:55] me too [22:55] all others are 6.06 [22:55] or don't have users at all [22:55] no users at all? [22:56] or no users apart from ones you know [22:56] except me [22:56] ;) [22:56] yeh that's what mine are like [22:56] but i still want them patched ;) [22:56] of course... [22:56] maybe I'll recompile kernel [22:56] give me something to do [22:59] what's the official docs on kernel com/recompiling