I'm guessing that anyone with real inside info probably isn't willing to publish it (yet) on such a public forum... As far as I can tell from the patch the only possible case is iff chgrp()ing a file which is in one of the groups of the process to another -- but in the case of the nfsd I'm not sure exactly what that implies. It might be that the simple tests fail 'cos the client also does a check so it would only be a problem if one exported to hosts which were running hacked clients. (I'm guessing here of course). I've been waiting for the -35* kernels to get a bit further -- I see they are now in updates-testing/ so can someone tell me what the procedure is to get them moved into updates/ ? If it just requires a few zillion extra QAs I'll prod the people (in other departments here) who run RH73/9 etc to try the update-testing/ versions. I wouldn't want -36 (or whatever) to cause people not to want to test -35 or there will *never* be a kernel update. Of course I'm happy enough running the versions I patch/build myself but I guess that most RHL users arn't. -- Jon -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
