** Please note that this issue is confidential and no information should be disclosed until it is made public, see "Whiteboard" for a date ** Erik Sjölund reported a race condition where a user in group stapusr can load a kernel object from anywhere on the filesystem due to a race condition in the stap program. This allows members of stapusr to effectively elevate privileges to group stapdev or root.
This bug is purely for tracking purposes, as systemtap is not currently stable. Feel free to bump and patch after the embargo date.
I've commited 0.9.5 to the tree, it contains a fix for CVE-2009-0784.
public as per $URL. nothing more to do because ~arch only, closing.