Comment Re:Making your system secure (Score 1, Informative) 586
Everyone who is recommending that people should run the 'disable-vmslice-if-exploitable' file should stop doing this!
The fix does patch the syscall, yes, BUT, in doing so it tests the exploit. From what i have gathered in testing this myself, exploiting the bug actually corrupts the kernel memory map leaving your system in an undefined state, absolutely anything could break, including the possibility of the filesystem driver writing crap to your disk. BEWARE if you use this fix, or take out the test mechanism!
The fix does patch the syscall, yes, BUT, in doing so it tests the exploit. From what i have gathered in testing this myself, exploiting the bug actually corrupts the kernel memory map leaving your system in an undefined state, absolutely anything could break, including the possibility of the filesystem driver writing crap to your disk. BEWARE if you use this fix, or take out the test mechanism!
