[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
- Subject: RE: [cobalt-security] RAZOR advisory: Linux 2.2.xx /proc/<pid>/mem mmap() vulnerability
- From: "Chuck Lewis" <clewis@xxxxxxxxxx>
- Date: Thu, 19 Dec 2002 12:16:12 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Stephen wrote:
>My understanding is that to upgrade to 2.4.x requires reflashing the
BIOS >of the Raq, which can certainly be done, but has the risk of
rendering the >Raq unbootable if it goes wrong.
>So Sun won't "approve" 2.4.x because then they'd be approving you
breaking
>your Raq and you might expect them to fix it. So they probably never
will
>"approve" it, but they certainly won't stop you. It'll break the
warranty
>but so do most necessary upgrades.
Thanks Stephen,
Wow, so just because they would have to require a reflashing of the
BIOS, they back away ? Seems like with their resources, they could "run
this through the wringer" in the lab and come up with SOMETHING, eh ?
I've reflashed the BIOS on PC's (5 years ago we were buying a TON of HP
PC's and found that each batch that came in and a different BIOS version
and they all needed to be at a certain level or it was causing problems
with something we were doing...). Is it that hard on a Raq ?
Chuck