Disposition of 'UBUNTU: SAUCE: (noup) ptrace: being capable wrt a process requires mapped uids/gids'
Seth Forshee
seth.forshee at canonical.com
Mon May 16 18:47:48 UTC 2016
On Thu, May 12, 2016 at 02:19:32PM -0600, Tim Gardner wrote:
> The bug description implies that this vulnerability only exists up to linux
> v4.4.1. Has there been a suitable upstream fix for this ? And can I drop
> this patch in Yakkety ?
>
> http://kernel.ubuntu.com/git/rtg/ubuntu-unstable.git/commit/?h=SAUCE&id=78ce6e2baf275aae597c8612cd366b3370022b27
I don't know what the reference to 4.4.1 is about there. This patch
hasn't been merged upstream, and as far as I can tell no alternative fix
has either. Eric Biederman disputes that it's really a bug at all, which
may explain why it wasn't merged.
So if we still consider this a vulnerability, I think we'll need to keep
the patch.
More information about the kernel-team
mailing list