|
@@ -23,14 +23,15 @@
|
|
|
<sect2 role="installation">
|
|
|
<title>Installation of the kernel</title>
|
|
|
|
|
|
-<para>Prepare for compilation by running the following command:</para>
|
|
|
+<para>Kernel version 2.6.10 has a security vulnerability that will allow user
|
|
|
+processes to gain root privledges upon loading of a kernel module. See:
|
|
|
+<ulink url="http://www.uwsg.iu.edu/hypermail/linux/kernel/0412.3/0679.html"/> for more information. The following patch fixes this problem:</para>
|
|
|
|
|
|
-<screen><userinput>make mrproper</userinput></screen>
|
|
|
+<screen><userinput>patch -Np1 -i ../linux-&linux-version;-security_fix-1.patch</userinput></screen>
|
|
|
|
|
|
-<para>Also, ensure that the kernel does not attempt to pass hotplugging events
|
|
|
-to userspace until userspace specifies that it is ready:</para>
|
|
|
+<para>Prepare for compilation by running the following command:</para>
|
|
|
|
|
|
-<screen><userinput>sed -i 's@/sbin/hotplug@/bin/true@' kernel/kmod.c</userinput></screen>
|
|
|
+<screen><userinput>make mrproper</userinput></screen>
|
|
|
|
|
|
<para>If, in <xref linkend="ch-scripts-console"/>, you decided you want
|
|
|
to compile the keymap into the kernel, issue the command below:</para>
|