< 2.6.30.2 kernel security


R-R
10-16-2009, 11:30 AM
http://www.youtube.com/watch?v=UdkpJ13e6Z0

I was wondering if the major root exploit that was found 2 months ago was fixed on the n900 kernel?

Since it's running 2.6.28 it might not be... Hopefully we can get 2.6.31 by December with all the updates?

ArnimS
10-22-2009, 04:11 AM
Replace "major" with "local". More information in same amount of words.

corsac
10-22-2009, 04:24 AM
If someone on the device can check the value of vm.mmap_min_addr that would help.

As I don't think pulseaudio is used on the device, nor SELinux/AppArmor, the only way to exploit this would be to be able to map something at address 0.

ruskie
10-22-2009, 06:11 AM
iirc pulseaudio is used.

lma
10-22-2009, 11:07 AM
> I was wondering if the major root exploit that was found 2 months ago was fixed on the n900 kernel?

Yes, http://repository.maemo.org/pool/fremantle/free/k/kernel/kernel_2.6.28-20093908+0m5.diff.gz does contain the patch (http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blobdiff;f=net/socket.c;h=6d47165590473daa4990bf69b0435d5c49b41302;hp=791d71a36a93dfec5166fe05e2e0cb394cfa904b;hb=e694958388c50148389b0e9b9e9e8945cf0f1b98;hpb=a3620f7545344f932873bf98fbdf416b49409c8e).

> Since it's running 2.6.28 it might not be... Hopefully we can get 2.6.31 by December with all the updates?

I think it's very unlikely that Fremantle will see anything other than 2.6.28. Backports of specific patches are a different thing of course.

lma
10-22-2009, 11:15 AM
> If someone on the device can check the value of vm.mmap_min_addr that would help.

Nokia-N900-41-10:~# cat /proc/sys/vm/mmap_min_addr
4096
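
The check requested in this thread, as an added example that is not part of the original posts: a shell function that reads vm.mmap_min_addr and reports whether the kernel refuses unprivileged mappings at address 0. The function names, the status words and the optional file argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# classify_mmap_min_addr VALUE
# Prints one status word:
#   unprotected - value is 0, so an unprivileged process may map page zero
#   protected   - value is non-zero, so mappings below it are refused
#                 (processes holding CAP_SYS_RAWIO are still exempt)
#   invalid     - value is empty or not a decimal number
classify_mmap_min_addr() {
    case "$1" in
        ''|*[!0-9]*) echo invalid; return 0 ;;
    esac
    if [ "$1" -eq 0 ]; then
        echo unprotected
    else
        echo protected
    fi
}

# check_mmap_min_addr [FILE]
# Reads the sysctl through procfs. FILE can be overridden so the logic
# can be exercised against a saved copy taken from another device.
check_mmap_min_addr() {
    f="${1:-/proc/sys/vm/mmap_min_addr}"
    if [ ! -r "$f" ]; then
        # Kernel built without the sysctl, or procfs not mounted.
        echo missing
        return 0
    fi
    classify_mmap_min_addr "$(cat "$f")"
}

# Report for the machine this runs on.
echo "vm.mmap_min_addr: $(check_mmap_min_addr)"
```

For the N900 value shown above (4096) the function reports `protected`.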