On Tue, 20 Jun 2017 13:11:24 +0100 Patrick O'Callaghan <pocallaghan@xxxxxxxxx> wrote: > On Mon, 2017-06-19 at 23:08 -0700, stan wrote: > > I'm running > > the kernel with the fix, and it is working fine so far. > > As I understand it (and as the bug report appears to confirm) the fix > is to ld.so, not the kernel, though changing ld.so does of course mean > a reboot. Yes, I also saw that. However, I assumed Laura Abbot, one of the kernel maintainers for Fedora, would know what she is talking about. My assumption was that this was adding the strong stack protection to the kernel side of things. I checked in koji, and the fix is also in the latest glibc (where ld.so comes from), but it hadn't been pushed at that time, so I didn't install the patched version of glibc. As the exploit report said, enabling strong stack protection in the compiler for affected libraries would stop this exploit, but would be expensive. I assume that means it slows execution. > > How do you know it's working? Have you run an exploit test? My statement wasn't clear. I don't have the exploit, and so can't test that. What I meant was that the kernel with the fix was behaving as a normal kernel would, as far as I could tell. i.e. was running fine _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
