Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 118535 - circumventing protection of files flagged immutable (CVE-2005-4351)
Summary: circumventing protection of files flagged immutable (CVE-2005-4351)
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Depends on:
Reported: 2006-01-10 07:50 UTC by Kerin Millar
Modified: 2009-05-03 15:59 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Kerin Millar 2006-01-10 07:50:34 UTC
Hi. I'm filing this because, according to an advisory from, it is possible to place "an arbitrary file
at the location of an immutable file, without changing the immutable
file itself." This is stated to be a weakness of the BSD securelevels mechanism and allegedly all kernels up to and including 2.6.15 are affected (presumably when  SECURITY_SECLVL is enabled).

For further details please see:

Comment 1 Tim Yamin (RETIRED) gentoo-dev 2006-03-11 11:29:31 UTC
Greg -- know if this issue has been fixed?
Comment 2 Greg Kroah-Hartman (RETIRED) gentoo-dev 2006-03-11 13:53:15 UTC
Nope, and it doesn't look like the kernel security levels person cares about
it, and as no one uses it, I wouldn't really worry about it.

Hope this helps.
Comment 3 Tim Yamin (RETIRED) gentoo-dev 2006-03-11 13:54:26 UTC
Thanks Greg -- guess we can close this one as UPSTREAM then.
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2009-05-03 15:59:23 UTC
reopen to change resolution type