[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: local root exploit in 2.4.29



Various wrote:
...
> >> From a previous e-mail the agreed changes were:
> >    b) new kernel 2.4.30, doesn't have driver/patch for sk98lin
> >        SATA options, SCSI
> >        system.map
> >        sysreq magic key
> >        pcnet32 ethernet support
> >        sk98lin from belkin
> >        security ramifications, kevin will tell us how aggressively to
> > deploy
> >        patches: NOTES, common tracking, belkin patches not in 2.4.30
> >
> > Of this, I have
> >        pcnet32 ethernet support
> >        sk98lin from belkin
> >
> > I'm not sure which options to turn on for the remaining settings, so if 
> > anyone has already made a config, or knows what I should turn on, please let 
> > me know.
> >
> > Albert
...

For sysreq, you'll probably need something like this:
CONFIG_MAGIC_SYSRQ=y
	"Magic SysRq key"
		under "Kernel debugging"
			under "Kernel hacking"

In order to *see* that option, I believe you also have
to set this "scary" options:
CONFIG_DEBUG_KERNEL=y
	"Kernel debugging"
		under "Kernel hacking"
This doesn't turn on any code, it just enables
other configuration options in the menu system.

I don't think you have to also turn on
CONFIG_EXPERIMENTAL=y
	"Prompt for development and/or incomplete code/drivers"
		under "Code maturity level options"
which also turns on no code by itself.

					-Marcus