October 11, 2001

Uhhuh.. 2.4.12

Author: JT Smith

Linus: "2.4.11 had a fix for a symlink DoS attack, but sadly that fix broke the
creation of files through a dangling symlink rather badly (it caused the
inode to be created in the very same inode as the symlink, with unhappy
end results)."
Uhhuh.. 2.4.12
Date: Thu, 11 Oct 2001 01:04:49 -0700 (PDT)
From: Linus Torvalds 
To: Kernel Mailing List 


2.4.11 had a fix for a symlink DoS attack, but sadly that fix broke the
creation of files through a dangling symlink rather badly (it caused the
inode to be created in the very same inode as the symlink, with unhappy
end results).

Happily nobody uses that particular horror - or _almost_ nobody does. It
looks like at least the SuSE installer (yast2) does, which causes a nasty
unkillable inode as /dev/mouse if you use yast2 on 2.4.11.

("debugfs -w rootdev" + "rm /dev/mouse" will remove it, although I suspect
there are other less drastic methods too if your fsck doesn't seem to
notice anything wrong with it. Only one report of this actually happening
so far).

So I made a 2.4.12, and renamed away the sorry excuse for a kernel that
2.4.11 was.

                 Linus

-----
final:
 - Greg KH: USB update (fix UHCI timeouts, serial unplug)
 - Christoph Rohland: shmem locking fixes
 - Al Viro: more mount cleanup
 - me: fix bad interaction with link_count handling
 - David Miller: Sparc updates, net cleanup
 - Tim Waugh: parport update
 - Jeff Garzik: net driver updates

Category:

  • Linux
Click Here!