[plug] Kernel 2.4.10

Christian christian at amnet.net.au
Tue Sep 25 12:44:38 WST 2001


On Tue, Sep 25, 2001 at 12:09:34PM +0800, Jason Nicholls wrote:
> On Tue, Sep 25, 2001 at 11:07:25AM +0800, Simon Scott wrote:
 
> Well to make things a little clearer, the linux kernel is preemptive already,
> ie: it will switch tasks when the scheduler sees fit ensuring all processes
> get their fair share of CPU time. BUT when a process is in a system call it
> cannot be preempted. This patch adds kernel preemption. From the patch site:

Does anyone know if the security implications of this have been
considered?  For example, previously the open() system call was atomic
so, if used with the O_EXCL option, this would be a safe way of creating
a new temporary file without inadvertently truncating another file if
subject to a symlink attack.  Now it would seem this may not be the case
since it is possible for the open() call to be interrupted.  This opens
up the possibility of the attacker being able to exploit this new race
condition where previously there was none.

-- 
DSA 0x0EC1D28C: BBCB 0D79 4EBB 078A A066  7267 8BED E9D6 0EC1 D28C



More information about the plug mailing list