Hi Kees,

Thanks for your prompt attention. Just to clarify my possible
misunderstanding, does "Status: New => Invalid" mean this won't get
fixed in Hardy?

Hardy is supposed to be an "LTS" release and we plan to stick with it
for a couple years, so this being already fixed in the development
release (presumably Intrepid?) is wonderful but meanwhile what are Hardy
users to do? Because random processes get killed (and we have already
seen this happen to one of our user stations and one of our servers), I
believe this should be considered a security issue in Hardy and fixed in
Hardy.

(Perhaps you're already planning to do so, and I misunderstood the
meaning of "Status: New => Invalid".)

Thanks.
Alexander



----- Original Message ----
From: Kees Cook <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Sent: Tuesday, October 7, 2008 11:40:20 AM
Subject: [Bug 279752] Re: chkrootkit kills random processes

Thanks for taking the time to report this bug and helping to make Ubuntu
better. I have marked it as public, since it is not a private issue.
Additionally, this has already been fixed in the development release
(which has chkrootkit 0.48-5).  Please feel free to report any other
bugs you may find.

** Changed in: chkrootkit (Ubuntu)
     Assignee: (unassigned) => Kees Cook (kees)
       Status: New => Invalid

** Visibility changed to: Public

-- 
chkrootkit kills random processes
https://bugs.launchpad.net/bugs/279752
You received this bug notification because you are a direct subscriber
of the bug.

Status in “chkrootkit” source package in Ubuntu: Invalid

Bug description:
To test for Enye LKM, chkrootkit 0.47-1.1 blindly sends a signal to PID 12345 
without regard as to what might be running at PID 12345, which might be a 
crucial daemon related to system security or system access. It is common to run 
chkrootkit on a regular basis as a cron job. Because of the potential to 
randomly kill an important process, this should be considered a security bug.

This has been fixed in Debian chkrootkit 0.47-2. See Debian bug report
#421864, and also Debian bug report #457828.

I suggest Ubuntu make the same fix and get it into the security updates
for hardy. Thanks!

-- 
chkrootkit kills random processes
https://bugs.launchpad.net/bugs/279752
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to