Mike Tierney wrote
An immediate hotfix that requires no patching or updates is to disable core dumps.
As mentioned in http://www.isec.pl/vulnerabilities/isec-0023-coredump.txt (This is from the guy who discovered this problem - see http://secunia.com/advisories/15341 )
"A hotfix for this vulnerability is to disallow processes to drop core. This can be accomplished by setting the hard core size limit for users to 0 (e.g. ulimit -H -c 0, man limits.conf)."
But you can't do that in a running system. It won't affect running shells of normal users. So you need to reboot, and then you would need to reboot again to allow cores again. So it's easier to reboot only once with a patched kernel... -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *