Dirty Cow linux kernal exploit
-
-
Someone downvoted that?
But it's not as big a as the actual problem, which was a catastrophic security fuck-up in Linux. Allowing an arbitrary program to overwrite an arbitrary file (through the power of memory-mapped I/O!) is really bad. The worst part was that this was found by someone who got suspicious and did an strace() of a program that they didn't trust, and it was in an area that they knew was tricky and had already put effort into fixing. And then removed the fixes because they caused portability problems, apparently, and that was ages ago too so this vulnerability is really widespread.
Cleaning up after this has been occupying a lot of people's attention recently, it seems.
So yes, bad and -worthy on a grand scale. And someone downvoted it?
-
@dkf said in Dirty Cow linux kernal exploit:
And someone downvoted it?
Weird. Someone with zero posts.
How do I uninstall Linux?
Please follow these instructions.
LOL:
Angry Guy Destroy Computer - FUNNY! – [00:14..01:31] 01:31
— speedupyourpc
-
@dkf said in Dirty Cow linux kernal exploit:
So yes, bad and -worthy on a grand scale. And someone downvoted it?
The downvoter might have been on mobile. That's different you know...
-
@dkf said in Dirty Cow linux kernal exploit:
Someone downvoted that?
I'd downvote it too if I were trying to sell sploits that relied on it.
-
@boomzilla said in Dirty Cow linux kernal exploit:
@dkf said in Dirty Cow linux kernal exploit:
And someone downvoted it?
Weird. Someone with zero posts.
Also, what the fuck is a kernal?
-
@ben_lubar said in Dirty Cow linux kernal exploit:
@boomzilla said in Dirty Cow linux kernal exploit:
@dkf said in Dirty Cow linux kernal exploit:
And someone downvoted it?
Weird. Someone with zero posts.
Also, what the fuck is a kernal?
It's what female popcorn is before it pops?
-
@Tsaukpaetra said in Dirty Cow linux kernal exploit:
@ben_lubar said in Dirty Cow linux kernal exploit:
@boomzilla said in Dirty Cow linux kernal exploit:
@dkf said in Dirty Cow linux kernal exploit:
And someone downvoted it?
Weird. Someone with zero posts.
Also, what the fuck is a kernal?
It's what female popcorn is before it pops?
The lynyx kyrnyl?
-
@ben_lubar said in Dirty Cow linux kernal exploit:
@Tsaukpaetra said in Dirty Cow linux kernal exploit:
@ben_lubar said in Dirty Cow linux kernal exploit:
@boomzilla said in Dirty Cow linux kernal exploit:
@dkf said in Dirty Cow linux kernal exploit:
And someone downvoted it?
Weird. Someone with zero posts.
Also, what the fuck is a kernal?
It's what female popcorn is before it pops?
The lynyx kyrnyl?
No, Mynx.
-
@ben_lubar said in Dirty Cow linux kernal exploit:
@boomzilla said in Dirty Cow linux kernal exploit:
@dkf said in Dirty Cow linux kernal exploit:
Also, what the fuck is a kernal?I'm pretty sure it can be exploited this way as well.
-
@ben_lubar said in Dirty Cow linux kernal exploit:
Also, what the fuck is a kernal?
Kernal Sbace Progran
-
@ben_lubar said in Dirty Cow linux kernal exploit:
what the fuck is a kernal?
A very long-reaching typo by someone at Commodore.
-
@ben_lubar said in Dirty Cow linux kernal exploit:
The lynyx kyrnyl?
LYNYRD SKYNYRD - Sweet Home Alabama – 05:43
— CHEERSPRO
-
@dkf The biggest WTF in this situation is this:
This is an ancient bug that was actually attempted to be fixed once (badly) by me eleven years ago in commit 4ceb5db9757a ("Fix get_user_pages() race for write access") but that was then undone due to problems on s390 by commit f33ea7f404e5 ("fix get_user_pages bug").
Did I mention it was Linus Torvalds who wrote that?
If you knew there was a bug and didn't know how to fix it, why wouldn't you ask someone else about it?
-
@powerlord Undone due to problems on S390.
A mainframe system that was slaughtered 16 years ago.
Because god forbid Linus not do anything perfectly portable.
-
@Weng said in Dirty Cow linux kernal exploit:
@powerlord Undone due to problems on S390.
A mainframe system that was slaughtered 16 years ago.
Because god forbid Linus not do anything perfectly portable.
Speak not when you know not whereof you speak. Modern zArchitecture (64-bit) IBM mainframes can still directly run 32/31-bit System/390 binaries.
Well, they can do that, and they can still directly run 32/24-bit System/360 binaries. You know, the ones that were last compiled fifty years ago.
Microsoft has historically been very good at backwards compatibility. IBM's backwards compatibility makes Microsoft's efforts look like the fumblings of a rank amateur.
-
@Steve_The_Cynic said in Dirty Cow linux kernal exploit:
Microsoft has historically been very good at backwards compatibility. IBM's backwards compatibility makes Microsoft's efforts look like the fumblings of a rank amateur.
QFT
-
@Steve_The_Cynic IBM was, after all, the crowd who built 'Windows that runs Windows binaries better than Windows' as part of OS/2.
-
@Steve_The_Cynic said in Dirty Cow linux kernal exploit:
Speak not when you know not whereof you speak. Modern zArchitecture (64-bit) IBM mainframes can still directly run 32/31-bit System/390 binaries.
Yeah, I know that. But the main thrust of my point was "Wrap it in a fucking compilation conditional. Don't unfix the bug for everyone else."
Yeah, it's hacky. But it's better fucking engineering.
-
@Steve_The_Cynic
And IBM's backwards compatability badassery, while technically quite cool, has served primarily to perpetuate only the greatest crimes against line-of-business software engineering.Because you don't need to scrap and rewrite the productivity suck clusterfuck LOB app when you can keep emulating a 40-year-old machine.
-
@Weng said in Dirty Cow linux kernal exploit:
@Steve_The_Cynic said in Dirty Cow linux kernal exploit:
Speak not when you know not whereof you speak. Modern zArchitecture (64-bit) IBM mainframes can still directly run 32/31-bit System/390 binaries.
Yeah, I know that. But the main thrust of my point was "Wrap it in a fucking compilation conditional. Don't unfix the bug for everyone else."
Then you should have said so. There was no hint of that in your post. (But I agree. Up to a point, anyway. If the lines in your C or C++ source that begin with a # out-number the ones that don't, you are Doing It Wrong.)
-
@Steve_The_Cynic said in Dirty Cow linux kernal exploit:
If the lines in your C or C++ source that begin with a # out-number the ones that don't, you are Doing It Wrong.
With quite a bit of experience, you want to avoid having lots of lines be conditionally compiled if possible, as the complexity that you get otherwise is just awful when you come to trying to maintain the code. It's much better to have a common API and then have the right implementation of that API be picked by the build system by selecting which file to build. Failing that, put the nasty stuff in a header file and then just
#include
it; that's still better than having all the conditional stuff visible.Not that you can hold to this ideal in all cases, of course. It's an ideal after all…