<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_11_04_0320254</id>
	<title>Bug In Most Linuxes Can Give Untrusted Users Root</title>
	<author>kdawson</author>
	<datestamp>1257342660000</datestamp>
	<htmltext>Red Midnight and other readers brought to our attention a <a href="http://www.theregister.co.uk/2009/11/03/linux\_kernel\_vulnerability/">bug in most deployed versions of Linux</a> that could result in untrusted users getting root access. The bug was found by Brad Spengler last month. <i>"The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap\_min\_addr, the RHEL distribution... doesn't properly implement that protection... The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap\_min\_addr feature. ... [Spengler] said many other Linux users are also vulnerable because they run older versions or are forced to turn off [mmap\_min\_addr] to run certain types of applications."</i> The register reprints a <a href="http://www.pubbs.net/openbsd/200911/4582/">dialog from the OpenBSD-misc mailing list</a> in which Theo De Raadt says, "For the record, this particular problem was resolved in OpenBSD a while back, in 2008.  We are not super proud of the solution, but it is what seems best faced with a stupid Intel architectural choice. However, it seems that everyone else is slowly coming around to the same solution."</htmltext>
<tokenext>Red Midnight and other readers brought to our attention a bug in most deployed versions of Linux that could result in untrusted users getting root access .
The bug was found by Brad Spengler last month .
" The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel , making virtually all production versions in use at the moment vulnerable .
While attacks can be prevented by implementing a common feature known as mmap \ _min \ _addr , the RHEL distribution... does n't properly implement that protection... The... bug is mitigated by default on most Linux distributions , thanks to their correct implementation of the mmap \ _min \ _addr feature .
... [ Spengler ] said many other Linux users are also vulnerable because they run older versions or are forced to turn off [ mmap \ _min \ _addr ] to run certain types of applications .
" The register reprints a dialog from the OpenBSD-misc mailing list in which Theo De Raadt says , " For the record , this particular problem was resolved in OpenBSD a while back , in 2008 .
We are not super proud of the solution , but it is what seems best faced with a stupid Intel architectural choice .
However , it seems that everyone else is slowly coming around to the same solution .
"</tokentext>
<sentencetext>Red Midnight and other readers brought to our attention a bug in most deployed versions of Linux that could result in untrusted users getting root access.
The bug was found by Brad Spengler last month.
"The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable.
While attacks can be prevented by implementing a common feature known as mmap\_min\_addr, the RHEL distribution... doesn't properly implement that protection... The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap\_min\_addr feature.
... [Spengler] said many other Linux users are also vulnerable because they run older versions or are forced to turn off [mmap\_min\_addr] to run certain types of applications.
" The register reprints a dialog from the OpenBSD-misc mailing list in which Theo De Raadt says, "For the record, this particular problem was resolved in OpenBSD a while back, in 2008.
We are not super proud of the solution, but it is what seems best faced with a stupid Intel architectural choice.
However, it seems that everyone else is slowly coming around to the same solution.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978274</id>
	<title>Re:Isn't this a dupe?</title>
	<author>Anonymous</author>
	<datestamp>1257004860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Title: "Bug In Most Linuxes Can Give Untrusted Users Root"</p><p>Article: "The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap\_min\_addr feature"<br>What the heck? The title says one thing the article another? Slow news day? This isn't the first time<nobr> <wbr></nobr>... or third for that matter<nobr> <wbr></nobr>...</p></htmltext>
<tokenext>Title : " Bug In Most Linuxes Can Give Untrusted Users Root " Article : " The... bug is mitigated by default on most Linux distributions , thanks to their correct implementation of the mmap \ _min \ _addr feature " What the heck ?
The title says one thing the article another ?
Slow news day ?
This is n't the first time ... or third for that matter .. .</tokentext>
<sentencetext>Title: "Bug In Most Linuxes Can Give Untrusted Users Root"Article: "The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap\_min\_addr feature"What the heck?
The title says one thing the article another?
Slow news day?
This isn't the first time ... or third for that matter ...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444</id>
	<title>Re:Isn't this a dupe?</title>
	<author>Xonea</author>
	<datestamp>1257001380000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext>Nope, it is a new one, but the same old bugfix still works.<br> <br>

Just type sysctl -w vm.mmap\_min\_addr=4096 in your box (or any other number &gt; 0) and you are safe.</htmltext>
<tokenext>Nope , it is a new one , but the same old bugfix still works .
Just type sysctl -w vm.mmap \ _min \ _addr = 4096 in your box ( or any other number &gt; 0 ) and you are safe .</tokentext>
<sentencetext>Nope, it is a new one, but the same old bugfix still works.
Just type sysctl -w vm.mmap\_min\_addr=4096 in your box (or any other number &gt; 0) and you are safe.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979842</id>
	<title>Re:Patch</title>
	<author>Nerdfest</author>
	<datestamp>1257009900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>If you use KSplice, you don't need to reboot. I believe KSplice is already pushing the fix for this bug, although I'm basing this statement on what I remember from the description of the patch. Can anyone out there verify it?</htmltext>
<tokenext>If you use KSplice , you do n't need to reboot .
I believe KSplice is already pushing the fix for this bug , although I 'm basing this statement on what I remember from the description of the patch .
Can anyone out there verify it ?</tokentext>
<sentencetext>If you use KSplice, you don't need to reboot.
I believe KSplice is already pushing the fix for this bug, although I'm basing this statement on what I remember from the description of the patch.
Can anyone out there verify it?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978550</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978066</id>
	<title>Re:Isn't this a dupe?</title>
	<author>eparis</author>
	<datestamp>1257004080000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext>No, this isn't the same bug.  People confuse two issues.  I wrote the mmap\_min\_addr protections to try to mitigate the effects of a certain class of common kernel bugs which exist because of design choices by Intel.  That class of bugs can be summed up as NULL pointer usage.  Every time someone finds a new NULL pointer usage bug we get the same story.  RHEL (and any system with SELinux enabled) did not have protections for mapping the 0 page by local authenticated users, but did have protections for network facing daemons and the like.  Other distros had protections for the local authenticated user but weaker protections for network facing daemons.  The mmap\_min\_addr protections have since been enhanced in SELinux systems such that they have stronger protections, both for local authenticated users and for network facing daemons.  My old comments from the first time this came up are at <a href="http://eparis.livejournal.com/" title="livejournal.com" rel="nofollow">http://eparis.livejournal.com/</a> [livejournal.com]
<br> <br>
But the key to remember is that mmap\_min\_addr implementation is not the bug that allows elevation of privilege.  In this case it was a very very old bug in the implementation of pipes.  Previously Spender and friends have found bugs in performance counters (one which was actually much worse as it didn't fit into the very narrow class which might be mitigated by mmap\_min\_addr), in network sockets, and other places.  These are the bugs which cause this to be a new story.  Once he finds the real bugs he applies some of the same basic techniques (plus a whole lot of thought) to create an exploit.  If the Linux kernel was bug free we wouldn't need mmap\_min\_addr.  If mmap\_min\_addr was bug free (over the years Spender has found multiple problems with my work) this class of bugs would be just a bit less devastating.
<br> <br>
Everyone in the kernel development community needs to think of invalid pointer bugs as a larger security threat then they currently do.  The lesson here, keep your systems patched.</htmltext>
<tokenext>No , this is n't the same bug .
People confuse two issues .
I wrote the mmap \ _min \ _addr protections to try to mitigate the effects of a certain class of common kernel bugs which exist because of design choices by Intel .
That class of bugs can be summed up as NULL pointer usage .
Every time someone finds a new NULL pointer usage bug we get the same story .
RHEL ( and any system with SELinux enabled ) did not have protections for mapping the 0 page by local authenticated users , but did have protections for network facing daemons and the like .
Other distros had protections for the local authenticated user but weaker protections for network facing daemons .
The mmap \ _min \ _addr protections have since been enhanced in SELinux systems such that they have stronger protections , both for local authenticated users and for network facing daemons .
My old comments from the first time this came up are at http : //eparis.livejournal.com/ [ livejournal.com ] But the key to remember is that mmap \ _min \ _addr implementation is not the bug that allows elevation of privilege .
In this case it was a very very old bug in the implementation of pipes .
Previously Spender and friends have found bugs in performance counters ( one which was actually much worse as it did n't fit into the very narrow class which might be mitigated by mmap \ _min \ _addr ) , in network sockets , and other places .
These are the bugs which cause this to be a new story .
Once he finds the real bugs he applies some of the same basic techniques ( plus a whole lot of thought ) to create an exploit .
If the Linux kernel was bug free we would n't need mmap \ _min \ _addr .
If mmap \ _min \ _addr was bug free ( over the years Spender has found multiple problems with my work ) this class of bugs would be just a bit less devastating .
Everyone in the kernel development community needs to think of invalid pointer bugs as a larger security threat then they currently do .
The lesson here , keep your systems patched .</tokentext>
<sentencetext>No, this isn't the same bug.
People confuse two issues.
I wrote the mmap\_min\_addr protections to try to mitigate the effects of a certain class of common kernel bugs which exist because of design choices by Intel.
That class of bugs can be summed up as NULL pointer usage.
Every time someone finds a new NULL pointer usage bug we get the same story.
RHEL (and any system with SELinux enabled) did not have protections for mapping the 0 page by local authenticated users, but did have protections for network facing daemons and the like.
Other distros had protections for the local authenticated user but weaker protections for network facing daemons.
The mmap\_min\_addr protections have since been enhanced in SELinux systems such that they have stronger protections, both for local authenticated users and for network facing daemons.
My old comments from the first time this came up are at http://eparis.livejournal.com/ [livejournal.com]
 
But the key to remember is that mmap\_min\_addr implementation is not the bug that allows elevation of privilege.
In this case it was a very very old bug in the implementation of pipes.
Previously Spender and friends have found bugs in performance counters (one which was actually much worse as it didn't fit into the very narrow class which might be mitigated by mmap\_min\_addr), in network sockets, and other places.
These are the bugs which cause this to be a new story.
Once he finds the real bugs he applies some of the same basic techniques (plus a whole lot of thought) to create an exploit.
If the Linux kernel was bug free we wouldn't need mmap\_min\_addr.
If mmap\_min\_addr was bug free (over the years Spender has found multiple problems with my work) this class of bugs would be just a bit less devastating.
Everyone in the kernel development community needs to think of invalid pointer bugs as a larger security threat then they currently do.
The lesson here, keep your systems patched.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29995910</id>
	<title>Re:Isn't this a dupe?</title>
	<author>Anonymous</author>
	<datestamp>1257441900000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>Nope, it is a new one, but the same old bugfix still works.</p><p>Just type sysctl -w vm.mmap\_min\_addr=4096 in your box (or any other number &gt; 0) and you are safe.</p></div><p>Looking at my servers for this security bug   I hope we are at no risk for the bug<br>I ran<br>sysctl -n vm.mmap\_min\_addr<br>and returned this Value:<br>error: 'vm.mmap\_min\_addr' is an unknown key</p><p>Are we still at "risk" ?</p></div>
	</htmltext>
<tokenext>Nope , it is a new one , but the same old bugfix still works.Just type sysctl -w vm.mmap \ _min \ _addr = 4096 in your box ( or any other number &gt; 0 ) and you are safe.Looking at my servers for this security bug I hope we are at no risk for the bugI ransysctl -n vm.mmap \ _min \ _addrand returned this Value : error : 'vm.mmap \ _min \ _addr ' is an unknown keyAre we still at " risk " ?</tokentext>
<sentencetext>Nope, it is a new one, but the same old bugfix still works.Just type sysctl -w vm.mmap\_min\_addr=4096 in your box (or any other number &gt; 0) and you are safe.Looking at my servers for this security bug   I hope we are at no risk for the bugI ransysctl -n vm.mmap\_min\_addrand returned this Value:error: 'vm.mmap\_min\_addr' is an unknown keyAre we still at "risk" ?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977728</id>
	<title>meta-trolling</title>
	<author>Anonymous</author>
	<datestamp>1257002700000</datestamp>
	<modclass>Troll</modclass>
	<modscore>0</modscore>
	<htmltext><p>Editors, why troll by quoting the vocal spokesperson of a different OS to comment on a Linux problem?</p></htmltext>
<tokenext>Editors , why troll by quoting the vocal spokesperson of a different OS to comment on a Linux problem ?</tokentext>
<sentencetext>Editors, why troll by quoting the vocal spokesperson of a different OS to comment on a Linux problem?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977704</id>
	<title>Exploit?</title>
	<author>RAMMS+EIN</author>
	<datestamp>1257002640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Is there some sort of exploit code I can run to check if my system is vulnerable? I tried to find some online, but I only came up with some <a href="http://www.packetstormsecurity.org/poisonpen/8lgm/ptchown.c" title="packetstormsecurity.org">code for SCO Unix</a> [packetstormsecurity.org] and some <a href="http://www.grsecurity.net/~spender/exploit.txt" title="grsecurity.net">code</a> [grsecurity.net] that is so horrendously long that I don't dare running it for fear it might do something I don't want to happen on my system.</p></htmltext>
<tokenext>Is there some sort of exploit code I can run to check if my system is vulnerable ?
I tried to find some online , but I only came up with some code for SCO Unix [ packetstormsecurity.org ] and some code [ grsecurity.net ] that is so horrendously long that I do n't dare running it for fear it might do something I do n't want to happen on my system .</tokentext>
<sentencetext>Is there some sort of exploit code I can run to check if my system is vulnerable?
I tried to find some online, but I only came up with some code for SCO Unix [packetstormsecurity.org] and some code [grsecurity.net] that is so horrendously long that I don't dare running it for fear it might do something I don't want to happen on my system.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977686</id>
	<title>Re:So?</title>
	<author>Anonymous</author>
	<datestamp>1257002580000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Anti-Windows people have already patched this:</p><p><div class="quote"><p>For the record, this particular problem was resolved in OpenBSD a while back, in 2008.<nobr> <wbr></nobr>... basically they are resisting this for Windows binary compatibility[.] Ironic, isn't it?<nobr> <wbr></nobr>... We decided we don't care about Wine.</p></div><p>(Theo de Raadt on the OpenBSD mailing list)</p><p>:-)</p></div>
	</htmltext>
<tokenext>Anti-Windows people have already patched this : For the record , this particular problem was resolved in OpenBSD a while back , in 2008 .
... basically they are resisting this for Windows binary compatibility [ .
] Ironic , is n't it ?
... We decided we do n't care about Wine .
( Theo de Raadt on the OpenBSD mailing list ) : - )</tokentext>
<sentencetext>Anti-Windows people have already patched this:For the record, this particular problem was resolved in OpenBSD a while back, in 2008.
... basically they are resisting this for Windows binary compatibility[.
] Ironic, isn't it?
... We decided we don't care about Wine.
(Theo de Raadt on the OpenBSD mailing list):-)
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29985304</id>
	<title>Award winning work</title>
	<author>harlows\_monkeys</author>
	<datestamp>1256982840000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It was these kind of issues, and the lame responses to them, that won the Linux kernel developers the <a href="http://pwnie-awards.org/2009/awards.html" title="pwnie-awards.org">2009 Pwnie</a> [pwnie-awards.org] in the "Lamest Vendor Response" category.</p></htmltext>
<tokenext>It was these kind of issues , and the lame responses to them , that won the Linux kernel developers the 2009 Pwnie [ pwnie-awards.org ] in the " Lamest Vendor Response " category .</tokentext>
<sentencetext>It was these kind of issues, and the lame responses to them, that won the Linux kernel developers the 2009 Pwnie [pwnie-awards.org] in the "Lamest Vendor Response" category.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980816</id>
	<title>Re:Isn't this a dupe?</title>
	<author>Anonymous</author>
	<datestamp>1257012900000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Kudos to you, eparis, for your work. I greatly admire those who put in the hours on Linux, and people like yourself are to be admired. Without getting too deep into the whys and wherefores - as I read this, it requires (like the previous bug) local physical access to the machine. While of interest, perhaps this is being over-hyped? Give me local access to a Windows machine and I'll have it stripped and on bricks before you can say "security lapse".</p></htmltext>
<tokenext>Kudos to you , eparis , for your work .
I greatly admire those who put in the hours on Linux , and people like yourself are to be admired .
Without getting too deep into the whys and wherefores - as I read this , it requires ( like the previous bug ) local physical access to the machine .
While of interest , perhaps this is being over-hyped ?
Give me local access to a Windows machine and I 'll have it stripped and on bricks before you can say " security lapse " .</tokentext>
<sentencetext>Kudos to you, eparis, for your work.
I greatly admire those who put in the hours on Linux, and people like yourself are to be admired.
Without getting too deep into the whys and wherefores - as I read this, it requires (like the previous bug) local physical access to the machine.
While of interest, perhaps this is being over-hyped?
Give me local access to a Windows machine and I'll have it stripped and on bricks before you can say "security lapse".</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978066</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977390</id>
	<title>My Unsettling Ubuntu Experience</title>
	<author>Smidge207</author>
	<datestamp>1257001140000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><p>I'd been using Ubuntu 9.04's LiveCD feature at work to migrate Windows profiles. Unlike Windows, which never properly migrates user directories no matter how you coax it, Ubuntu's simple drag-and-drop replacement from network backup makes user migration a piece of cake.</p><p>I simply booted, configured the network settings, logged into our network backup, and copied the old user directory over top of the new one (we're on a domain). When the user logged back in, their old stuff was all in place. It had really been a lifesaver, and I'd started reading up on it more and started to set up an Ubuntu workstation. But that's when I ran into some weird problems.</p><p>After installing and tinkering around on the GNOME desktop, I opened Terminal. After writing some scripts and creating user accounts, a new terminal window opened. I thought this very odd since I hadn't initiated a new session and none of my scripts would have either. As I was about to close it, I paused my mouse. The terminal session had printed something to the screen, seemingly by itself.</p><p>
    trollaxor@ubuntor:~$<br>
    *** DO U LIKE GUYS Y OR N </p><p>I typed N and the window disappeared. "How weird," I thought, and figured one of my buddies had installed some third party software or something to covertly mess with me. I couldn't remember when I'd told anyone about this install, but I was content to leave it at that since everything was otherwise fine.</p><p>A half hour later, I was farting around in GNOME when it happened again. This time, there was no terminal session even open to begin with; the window just popped up out of nowhere. And again it asked the same question, ominously blinking at me.</p><p>
    trollaxor@ubuntor:~$<br>
    *** DO U LIKE GUYS Y OR N </p><p>Before I did anything else I opened another terminal session and ran top so I could figure out what the fuck was running in the background that was randomly harassing me. I peered through it, sorted by CPU, memory usage, command name&mdash;but nothing. I'm pretty familiar with Linux and I didn't see anything that looked out of the ordinary. At this point I switched back to the frustrating terminal session and typed N and the window closed Only to open right back up and ask again:</p><p>
    trollaxor@ubuntor:~$<br>
    *** DO U LIKE GUYS Y OR N </p><p>Now irritated, I texted several of my buddies the same question, figuring they'd own up when it became obvious to them their little joke had succeeded. Two asked me "wtf" and another said "no y do u? fag!" No admissions came, implicit or otherwise, and I began running ps with its myriad options in hopes of spotting the offending process. A second terminal window popped up on top of the first with the same damn question blinking at me.</p><p>
    trollaxor@ubuntor:~$<br>
    *** DO U LIKE GUYS Y OR N </p><p>Finally in desperation I typed Y and hit return in both of the windows. At first, they went away and I sat silently in anticipation. When nothing happened after ten seconds, I returned to editing my GNOME config files when the desktop wallpaper changed all by itself. Instead of the boring orange default, I was staring at something much different. This was no longer mildly irritating or perplexing&mdash;now I was freaking out and wanted answers. I logged onto Freenode and joined #ubuntu.</p><p>
    #ubuntu Official Ubuntu Support Channel<br>
     hi. i was wondering if anyone ever noticed any versions of ubuntu throwing up terminal sessions with text inside.</p><p>Minutes passed as conversations about screen resolution problems on netbooks, laptop fans running non-stop, and permissions errors on an external USB drives ran back and forth&mdash;typical IRC chatter&mdash;but someone eventually responded to my question.</p><p>
     trollaxor, it's possible but unlikel</p></htmltext>
<tokenext>I 'd been using Ubuntu 9.04 's LiveCD feature at work to migrate Windows profiles .
Unlike Windows , which never properly migrates user directories no matter how you coax it , Ubuntu 's simple drag-and-drop replacement from network backup makes user migration a piece of cake.I simply booted , configured the network settings , logged into our network backup , and copied the old user directory over top of the new one ( we 're on a domain ) .
When the user logged back in , their old stuff was all in place .
It had really been a lifesaver , and I 'd started reading up on it more and started to set up an Ubuntu workstation .
But that 's when I ran into some weird problems.After installing and tinkering around on the GNOME desktop , I opened Terminal .
After writing some scripts and creating user accounts , a new terminal window opened .
I thought this very odd since I had n't initiated a new session and none of my scripts would have either .
As I was about to close it , I paused my mouse .
The terminal session had printed something to the screen , seemingly by itself .
trollaxor @ ubuntor : ~ $ * * * DO U LIKE GUYS Y OR N I typed N and the window disappeared .
" How weird , " I thought , and figured one of my buddies had installed some third party software or something to covertly mess with me .
I could n't remember when I 'd told anyone about this install , but I was content to leave it at that since everything was otherwise fine.A half hour later , I was farting around in GNOME when it happened again .
This time , there was no terminal session even open to begin with ; the window just popped up out of nowhere .
And again it asked the same question , ominously blinking at me .
trollaxor @ ubuntor : ~ $ * * * DO U LIKE GUYS Y OR N Before I did anything else I opened another terminal session and ran top so I could figure out what the fuck was running in the background that was randomly harassing me .
I peered through it , sorted by CPU , memory usage , command name    but nothing .
I 'm pretty familiar with Linux and I did n't see anything that looked out of the ordinary .
At this point I switched back to the frustrating terminal session and typed N and the window closed Only to open right back up and ask again : trollaxor @ ubuntor : ~ $ * * * DO U LIKE GUYS Y OR N Now irritated , I texted several of my buddies the same question , figuring they 'd own up when it became obvious to them their little joke had succeeded .
Two asked me " wtf " and another said " no y do u ?
fag ! " No admissions came , implicit or otherwise , and I began running ps with its myriad options in hopes of spotting the offending process .
A second terminal window popped up on top of the first with the same damn question blinking at me .
trollaxor @ ubuntor : ~ $ * * * DO U LIKE GUYS Y OR N Finally in desperation I typed Y and hit return in both of the windows .
At first , they went away and I sat silently in anticipation .
When nothing happened after ten seconds , I returned to editing my GNOME config files when the desktop wallpaper changed all by itself .
Instead of the boring orange default , I was staring at something much different .
This was no longer mildly irritating or perplexing    now I was freaking out and wanted answers .
I logged onto Freenode and joined # ubuntu .
# ubuntu Official Ubuntu Support Channel hi .
i was wondering if anyone ever noticed any versions of ubuntu throwing up terminal sessions with text inside.Minutes passed as conversations about screen resolution problems on netbooks , laptop fans running non-stop , and permissions errors on an external USB drives ran back and forth    typical IRC chatter    but someone eventually responded to my question .
trollaxor , it 's possible but unlikel</tokentext>
<sentencetext>I'd been using Ubuntu 9.04's LiveCD feature at work to migrate Windows profiles.
Unlike Windows, which never properly migrates user directories no matter how you coax it, Ubuntu's simple drag-and-drop replacement from network backup makes user migration a piece of cake.I simply booted, configured the network settings, logged into our network backup, and copied the old user directory over top of the new one (we're on a domain).
When the user logged back in, their old stuff was all in place.
It had really been a lifesaver, and I'd started reading up on it more and started to set up an Ubuntu workstation.
But that's when I ran into some weird problems.After installing and tinkering around on the GNOME desktop, I opened Terminal.
After writing some scripts and creating user accounts, a new terminal window opened.
I thought this very odd since I hadn't initiated a new session and none of my scripts would have either.
As I was about to close it, I paused my mouse.
The terminal session had printed something to the screen, seemingly by itself.
trollaxor@ubuntor:~$
    *** DO U LIKE GUYS Y OR N I typed N and the window disappeared.
"How weird," I thought, and figured one of my buddies had installed some third party software or something to covertly mess with me.
I couldn't remember when I'd told anyone about this install, but I was content to leave it at that since everything was otherwise fine.A half hour later, I was farting around in GNOME when it happened again.
This time, there was no terminal session even open to begin with; the window just popped up out of nowhere.
And again it asked the same question, ominously blinking at me.
trollaxor@ubuntor:~$
    *** DO U LIKE GUYS Y OR N Before I did anything else I opened another terminal session and ran top so I could figure out what the fuck was running in the background that was randomly harassing me.
I peered through it, sorted by CPU, memory usage, command name—but nothing.
I'm pretty familiar with Linux and I didn't see anything that looked out of the ordinary.
At this point I switched back to the frustrating terminal session and typed N and the window closed Only to open right back up and ask again:
    trollaxor@ubuntor:~$
    *** DO U LIKE GUYS Y OR N Now irritated, I texted several of my buddies the same question, figuring they'd own up when it became obvious to them their little joke had succeeded.
Two asked me "wtf" and another said "no y do u?
fag!" No admissions came, implicit or otherwise, and I began running ps with its myriad options in hopes of spotting the offending process.
A second terminal window popped up on top of the first with the same damn question blinking at me.
trollaxor@ubuntor:~$
    *** DO U LIKE GUYS Y OR N Finally in desperation I typed Y and hit return in both of the windows.
At first, they went away and I sat silently in anticipation.
When nothing happened after ten seconds, I returned to editing my GNOME config files when the desktop wallpaper changed all by itself.
Instead of the boring orange default, I was staring at something much different.
This was no longer mildly irritating or perplexing—now I was freaking out and wanted answers.
I logged onto Freenode and joined #ubuntu.
#ubuntu Official Ubuntu Support Channel
     hi.
i was wondering if anyone ever noticed any versions of ubuntu throwing up terminal sessions with text inside.Minutes passed as conversations about screen resolution problems on netbooks, laptop fans running non-stop, and permissions errors on an external USB drives ran back and forth—typical IRC chatter—but someone eventually responded to my question.
trollaxor, it's possible but unlikel</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29985452</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Trogre</author>
	<datestamp>1256983320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I think that's the working name for the next OS X release.  You know, once they run out of big cat names...</p></htmltext>
<tokenext>I think that 's the working name for the next OS X release .
You know , once they run out of big cat names.. .</tokentext>
<sentencetext>I think that's the working name for the next OS X release.
You know, once they run out of big cat names...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977956</id>
	<title>Re:Another story that isnt a story</title>
	<author>Anonymous</author>
	<datestamp>1257003660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p># sysctl -n vm.mmap\_min\_addr<br>0</p><p>On 9.10.  Right.  Did you try running the command yourself?</p></htmltext>
<tokenext># sysctl -n vm.mmap \ _min \ _addr0On 9.10 .
Right. Did you try running the command yourself ?</tokentext>
<sentencetext># sysctl -n vm.mmap\_min\_addr0On 9.10.
Right.  Did you try running the command yourself?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977462</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981682</id>
	<title>Re:Isn't this a dupe?</title>
	<author>WhiteDragon</author>
	<datestamp>1257015480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>sysctl -n vm.mmap\_min\_addr  to find what your setting is.</p></div><p>error: "vm.mmap\_min\_addr" is an unknown key</p></div>
	</htmltext>
<tokenext>sysctl -n vm.mmap \ _min \ _addr to find what your setting is.error : " vm.mmap \ _min \ _addr " is an unknown key</tokentext>
<sentencetext>sysctl -n vm.mmap\_min\_addr  to find what your setting is.error: "vm.mmap\_min\_addr" is an unknown key
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29983870</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>HiThere</author>
	<datestamp>1257021540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>While I'll agree that Theo is abrasive, it was, for me, a very useful comment.<br>Because of it I checked my system AND found out how to patch the revealed weakness.  And if Theo hadn't managed to get Slashdot's attention, I'd probably never have heard of the problem.</p><p>He may be unpleasant, but he's a VERY useful person to have around, even if you aren't running a BSD.  (Which I'm not.  I can't even remember for certain which BSD Theo is associated with.  It doesn't matter to *me*, as a Linux user.  What matters is that Theo made a criticism that Slashdot picked up, and which various people came up with reasons for and solutions as to how to handle.)</p></htmltext>
<tokenext>While I 'll agree that Theo is abrasive , it was , for me , a very useful comment.Because of it I checked my system AND found out how to patch the revealed weakness .
And if Theo had n't managed to get Slashdot 's attention , I 'd probably never have heard of the problem.He may be unpleasant , but he 's a VERY useful person to have around , even if you are n't running a BSD .
( Which I 'm not .
I ca n't even remember for certain which BSD Theo is associated with .
It does n't matter to * me * , as a Linux user .
What matters is that Theo made a criticism that Slashdot picked up , and which various people came up with reasons for and solutions as to how to handle .
)</tokentext>
<sentencetext>While I'll agree that Theo is abrasive, it was, for me, a very useful comment.Because of it I checked my system AND found out how to patch the revealed weakness.
And if Theo hadn't managed to get Slashdot's attention, I'd probably never have heard of the problem.He may be unpleasant, but he's a VERY useful person to have around, even if you aren't running a BSD.
(Which I'm not.
I can't even remember for certain which BSD Theo is associated with.
It doesn't matter to *me*, as a Linux user.
What matters is that Theo made a criticism that Slashdot picked up, and which various people came up with reasons for and solutions as to how to handle.
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978870</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Shikaku</author>
	<datestamp>1257006900000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>"masturbating monkeys"</p></div><p>Is that the next Ubuntu release after Lucid Lynx?  I can't wait!</p></div>
	</htmltext>
<tokenext>" masturbating monkeys " Is that the next Ubuntu release after Lucid Lynx ?
I ca n't wait !</tokentext>
<sentencetext>"masturbating monkeys"Is that the next Ubuntu release after Lucid Lynx?
I can't wait!
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977924</id>
	<title>What's the deal with the masturbating monkeys?</title>
	<author>Anonymous</author>
	<datestamp>1257003540000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext><p>I read Theo's comments and he's going on an on about Torvald's fixation with masturbating monkeys. Then some member of the openBSD crowd even offers a link to purchasing "your very own" **masturbating monkey** <a href="http://www.wellcoolstuff.com/Merchant2/graphics/00000001/20-Apr-07-05.jpg" title="wellcoolstuff.com">http://www.wellcoolstuff.com/Merchant2/graphics/00000001/20-Apr-07-05.jpg</a> [wellcoolstuff.com]


</p><p>Then I read Torvald's comment about the Linux exploit, with Torvald referring to the openBSD developers as being \_\_like\_\_ a "bunch of masturbating monkeys".

</p><p>Ok, so is this like some kind of secret code used among OS kernel developers? Like saying "my shoe is blue but the cow is hungry" really means "Oh man, this code is leaking memory and crashing my system"? Or is this some kind of secret initiation thing, where in order to truly become a member of the OS development club, you have to first<nobr> <wbr></nobr>... masturbate a monkey??!! Can somebody explain it, or maybe do some investigative reporting on this?</p></htmltext>
<tokenext>I read Theo 's comments and he 's going on an on about Torvald 's fixation with masturbating monkeys .
Then some member of the openBSD crowd even offers a link to purchasing " your very own " * * masturbating monkey * * http : //www.wellcoolstuff.com/Merchant2/graphics/00000001/20-Apr-07-05.jpg [ wellcoolstuff.com ] Then I read Torvald 's comment about the Linux exploit , with Torvald referring to the openBSD developers as being \ _ \ _like \ _ \ _ a " bunch of masturbating monkeys " .
Ok , so is this like some kind of secret code used among OS kernel developers ?
Like saying " my shoe is blue but the cow is hungry " really means " Oh man , this code is leaking memory and crashing my system " ?
Or is this some kind of secret initiation thing , where in order to truly become a member of the OS development club , you have to first ... masturbate a monkey ? ? ! !
Can somebody explain it , or maybe do some investigative reporting on this ?</tokentext>
<sentencetext>I read Theo's comments and he's going on an on about Torvald's fixation with masturbating monkeys.
Then some member of the openBSD crowd even offers a link to purchasing "your very own" **masturbating monkey** http://www.wellcoolstuff.com/Merchant2/graphics/00000001/20-Apr-07-05.jpg [wellcoolstuff.com]


Then I read Torvald's comment about the Linux exploit, with Torvald referring to the openBSD developers as being \_\_like\_\_ a "bunch of masturbating monkeys".
Ok, so is this like some kind of secret code used among OS kernel developers?
Like saying "my shoe is blue but the cow is hungry" really means "Oh man, this code is leaking memory and crashing my system"?
Or is this some kind of secret initiation thing, where in order to truly become a member of the OS development club, you have to first ... masturbate a monkey??!!
Can somebody explain it, or maybe do some investigative reporting on this?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29986660</id>
	<title>Re:And?</title>
	<author>Anonymous</author>
	<datestamp>1256987100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I think you have to be local to do this.  There is no remote attack possible.  So this patch, along with rm -Rf / would go hand in hand.  I mean one is bad and the other is bad.  Locally, I can take an axe to my computer too, and remove a lot of bits also.  Should I be worried?  Only if I go just a bit too hard with the Wild Turkey(tm).</p></htmltext>
<tokenext>I think you have to be local to do this .
There is no remote attack possible .
So this patch , along with rm -Rf / would go hand in hand .
I mean one is bad and the other is bad .
Locally , I can take an axe to my computer too , and remove a lot of bits also .
Should I be worried ?
Only if I go just a bit too hard with the Wild Turkey ( tm ) .</tokentext>
<sentencetext>I think you have to be local to do this.
There is no remote attack possible.
So this patch, along with rm -Rf / would go hand in hand.
I mean one is bad and the other is bad.
Locally, I can take an axe to my computer too, and remove a lot of bits also.
Should I be worried?
Only if I go just a bit too hard with the Wild Turkey(tm).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977604</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980886</id>
	<title>Why is this interesting</title>
	<author>bassM</author>
	<datestamp>1257013140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Bugs like this turn up all the time and they usually get fixed before they are badly exploited, it's not newsworthy until an exploit pops up or the bug isn't fixed in a reasonable timeframe.
Or are bugs like these fixed in response to news on slashdot, maybe file a bug report instead?</htmltext>
<tokenext>Bugs like this turn up all the time and they usually get fixed before they are badly exploited , it 's not newsworthy until an exploit pops up or the bug is n't fixed in a reasonable timeframe .
Or are bugs like these fixed in response to news on slashdot , maybe file a bug report instead ?</tokentext>
<sentencetext>Bugs like this turn up all the time and they usually get fixed before they are badly exploited, it's not newsworthy until an exploit pops up or the bug isn't fixed in a reasonable timeframe.
Or are bugs like these fixed in response to news on slashdot, maybe file a bug report instead?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978296</id>
	<title>Re:So?</title>
	<author>Anonymous</author>
	<datestamp>1257004920000</datestamp>
	<modclass>Troll</modclass>
	<modscore>1</modscore>
	<htmltext>I could say "The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap\_min\_addr feature."
<br> <br>
I could compare the average time to fix a critical bug between the two platforms.
<br> <br>
I could point out that we will never know what bugs Microsoft is sitting on without reporting.
<br> <br>
I could point out how Windows servers just don't seem to work well if they aren't rebooted regularly while Linux boxes just seem to go until the hardware wears out.
<br> <br>
I could point out that my wife's Vista box is 2 to 4 times faster than my Gentoo box in just about all hardware stats and yet I usually get about 10 times the framerate in games with 3D graphics.
<br> <br>
I could point out all the hardware (printers, scanners, etc...) my Windows using friends and relatives threw out because there were no Vista drivers.
<br> <br>
I could point out the ease of installing software with a good package manager.
<br> <br>
I talk about the wealth of free software available for Linux (yes, some of it has Windows ports)
<br> <br>
I could mention the price of Windows, or the prices of most of the popular software that most Windows users claim they need Windows for. (not really relevant when most people pirate it anyway though)
<br> <br>
I might go on and on telling all sorts of true stories about Windows vs Linux but who would really want to read them.</htmltext>
<tokenext>I could say " The... bug is mitigated by default on most Linux distributions , thanks to their correct implementation of the mmap \ _min \ _addr feature .
" I could compare the average time to fix a critical bug between the two platforms .
I could point out that we will never know what bugs Microsoft is sitting on without reporting .
I could point out how Windows servers just do n't seem to work well if they are n't rebooted regularly while Linux boxes just seem to go until the hardware wears out .
I could point out that my wife 's Vista box is 2 to 4 times faster than my Gentoo box in just about all hardware stats and yet I usually get about 10 times the framerate in games with 3D graphics .
I could point out all the hardware ( printers , scanners , etc... ) my Windows using friends and relatives threw out because there were no Vista drivers .
I could point out the ease of installing software with a good package manager .
I talk about the wealth of free software available for Linux ( yes , some of it has Windows ports ) I could mention the price of Windows , or the prices of most of the popular software that most Windows users claim they need Windows for .
( not really relevant when most people pirate it anyway though ) I might go on and on telling all sorts of true stories about Windows vs Linux but who would really want to read them .</tokentext>
<sentencetext>I could say "The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap\_min\_addr feature.
"
 
I could compare the average time to fix a critical bug between the two platforms.
I could point out that we will never know what bugs Microsoft is sitting on without reporting.
I could point out how Windows servers just don't seem to work well if they aren't rebooted regularly while Linux boxes just seem to go until the hardware wears out.
I could point out that my wife's Vista box is 2 to 4 times faster than my Gentoo box in just about all hardware stats and yet I usually get about 10 times the framerate in games with 3D graphics.
I could point out all the hardware (printers, scanners, etc...) my Windows using friends and relatives threw out because there were no Vista drivers.
I could point out the ease of installing software with a good package manager.
I talk about the wealth of free software available for Linux (yes, some of it has Windows ports)
 
I could mention the price of Windows, or the prices of most of the popular software that most Windows users claim they need Windows for.
(not really relevant when most people pirate it anyway though)
 
I might go on and on telling all sorts of true stories about Windows vs Linux but who would really want to read them.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977406</id>
	<title>Same Exploit from July?</title>
	<author>eldavojohn</author>
	<datestamp>1257001200000</datestamp>
	<modclass>Redundant</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>The bug was found by Brad Spengler last month.</p> </div><p>I thought we discussed this <a href="http://it.slashdot.org/story/09/07/18/0136224/New-Linux-Kernel-Flaw-Allows-Null-Pointer-Exploits" title="slashdot.org">in July</a> [slashdot.org]?  Or is this a different exploit?  <br> <br>

I think it's pretty clear that De Raadt and others have been discussing this vulnerability for quite sometime.  On a list of <a href="http://www.securityfocus.com/bid/36051" title="securityfocus.com">affected systems</a> [securityfocus.com], you can see it's been known on that site since August.  Here's <a href="http://patchwork.kernel.org/patch/32598/" title="kernel.org">another fix discussed</a> [kernel.org] that involves setting PER\_CLEAR\_ON\_SETID mask to MMAP\_PAGE\_ZERO and that's from July (unfortunately, as the Register article said, that might cause problems with applications).  In fact I think Spengler has been talking about this for quite sometime as I believe you can find <a href="http://grsecurity.net/~spender/cheddar\_bay.tgz" title="grsecurity.net">exploit code here</a> [grsecurity.net] and <a href="http://www.youtube.com/watch?v=UdkpJ13e6Z0" title="youtube.com">a video of it in use here against SELinux</a> [youtube.com].  If that's not the same exploit it sure seems to be very similar in nature.</p></div>
	</htmltext>
<tokenext>The bug was found by Brad Spengler last month .
I thought we discussed this in July [ slashdot.org ] ?
Or is this a different exploit ?
I think it 's pretty clear that De Raadt and others have been discussing this vulnerability for quite sometime .
On a list of affected systems [ securityfocus.com ] , you can see it 's been known on that site since August .
Here 's another fix discussed [ kernel.org ] that involves setting PER \ _CLEAR \ _ON \ _SETID mask to MMAP \ _PAGE \ _ZERO and that 's from July ( unfortunately , as the Register article said , that might cause problems with applications ) .
In fact I think Spengler has been talking about this for quite sometime as I believe you can find exploit code here [ grsecurity.net ] and a video of it in use here against SELinux [ youtube.com ] .
If that 's not the same exploit it sure seems to be very similar in nature .</tokentext>
<sentencetext>The bug was found by Brad Spengler last month.
I thought we discussed this in July [slashdot.org]?
Or is this a different exploit?
I think it's pretty clear that De Raadt and others have been discussing this vulnerability for quite sometime.
On a list of affected systems [securityfocus.com], you can see it's been known on that site since August.
Here's another fix discussed [kernel.org] that involves setting PER\_CLEAR\_ON\_SETID mask to MMAP\_PAGE\_ZERO and that's from July (unfortunately, as the Register article said, that might cause problems with applications).
In fact I think Spengler has been talking about this for quite sometime as I believe you can find exploit code here [grsecurity.net] and a video of it in use here against SELinux [youtube.com].
If that's not the same exploit it sure seems to be very similar in nature.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978136</id>
	<title>Local access has never been secure.</title>
	<author>Vellmont</author>
	<datestamp>1257004380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I've felt for a long time that giving someone local shell access to a machine is never going to be completely secure.  There's just too many degrees of freedom available, and too many different things that need to be secured.  This is just another proof of concept of that principle.</p><p>With all the various different interfaces we have today, shell access is something only a small percentage of people need.  Even those you could likely limit down to a few administrators, some programmers, and possibly a few special cases.</p></htmltext>
<tokenext>I 've felt for a long time that giving someone local shell access to a machine is never going to be completely secure .
There 's just too many degrees of freedom available , and too many different things that need to be secured .
This is just another proof of concept of that principle.With all the various different interfaces we have today , shell access is something only a small percentage of people need .
Even those you could likely limit down to a few administrators , some programmers , and possibly a few special cases .</tokentext>
<sentencetext>I've felt for a long time that giving someone local shell access to a machine is never going to be completely secure.
There's just too many degrees of freedom available, and too many different things that need to be secured.
This is just another proof of concept of that principle.With all the various different interfaces we have today, shell access is something only a small percentage of people need.
Even those you could likely limit down to a few administrators, some programmers, and possibly a few special cases.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982400</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Anonymous</author>
	<datestamp>1257017520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Just wait until 10.10 gets shipped with a FreeBSD kernel.</p><p>http://linux.slashdot.org/article.pl?sid=09/04/05/222239</p></htmltext>
<tokenext>Just wait until 10.10 gets shipped with a FreeBSD kernel.http : //linux.slashdot.org/article.pl ? sid = 09/04/05/222239</tokentext>
<sentencetext>Just wait until 10.10 gets shipped with a FreeBSD kernel.http://linux.slashdot.org/article.pl?sid=09/04/05/222239</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978112</id>
	<title>Re:Somebody fill me in..</title>
	<author>Anonymous</author>
	<datestamp>1257004320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It's not dueling egos.  For there to be a duel, Linus would actually have to care about Theo and his opinions.</p><p>Theo seems to have the idea that if security isn't your priority that you are a waste of resources and shouldn't be alive.  He basically bashes anyone who doesn't agree with him on anything.</p><p>That's because he's a fucking asshole.</p></htmltext>
<tokenext>It 's not dueling egos .
For there to be a duel , Linus would actually have to care about Theo and his opinions.Theo seems to have the idea that if security is n't your priority that you are a waste of resources and should n't be alive .
He basically bashes anyone who does n't agree with him on anything.That 's because he 's a fucking asshole .</tokentext>
<sentencetext>It's not dueling egos.
For there to be a duel, Linus would actually have to care about Theo and his opinions.Theo seems to have the idea that if security isn't your priority that you are a waste of resources and shouldn't be alive.
He basically bashes anyone who doesn't agree with him on anything.That's because he's a fucking asshole.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977602</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978216</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Anonymous</author>
	<datestamp>1257004620000</datestamp>
	<modclass>Troll</modclass>
	<modscore>0</modscore>
	<htmltext>Linus was upset that someone was basing a modern OS on BSD.  boo-hoo.  Solaris still innovates more than Linux, all Linux does is try to replicate commercial functionality in "Open Source".  The case can be made that the OpenBSD project has had more innovation(openssh, CARP, etc.) than Linux.</htmltext>
<tokenext>Linus was upset that someone was basing a modern OS on BSD .
boo-hoo. Solaris still innovates more than Linux , all Linux does is try to replicate commercial functionality in " Open Source " .
The case can be made that the OpenBSD project has had more innovation ( openssh , CARP , etc .
) than Linux .</tokentext>
<sentencetext>Linus was upset that someone was basing a modern OS on BSD.
boo-hoo.  Solaris still innovates more than Linux, all Linux does is try to replicate commercial functionality in "Open Source".
The case can be made that the OpenBSD project has had more innovation(openssh, CARP, etc.
) than Linux.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29985438</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Anonymous</author>
	<datestamp>1256983260000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>girl shows up at a computer convention, 10 years later grotesque nerds are still masturbating about it</p></htmltext>
<tokenext>girl shows up at a computer convention , 10 years later grotesque nerds are still masturbating about it</tokentext>
<sentencetext>girl shows up at a computer convention, 10 years later grotesque nerds are still masturbating about it</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29992096</id>
	<title>Re:So?</title>
	<author>dave87656</author>
	<datestamp>1257412320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>So, anti-Windows people? Whatcha say now?<nobr> <wbr></nobr>;-)</p></div><p>Well I don't consider myself anti-Windows but rather a realist, by necessity. I did notice that most Linuxes are not vulnerable:</p><p>"The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap\_min\_addr feature."</p></div>
	</htmltext>
<tokenext>So , anti-Windows people ?
Wha t cha say now ?
; - ) Well I do n't consider myself anti-Windows but rather a realist , by necessity .
I did notice that most Linuxes are not vulnerable : " The... bug is mitigated by default on most Linux distributions , thanks to their correct implementation of the mmap \ _min \ _addr feature .
"</tokentext>
<sentencetext>So, anti-Windows people?
Whatcha say now?
;-)Well I don't consider myself anti-Windows but rather a realist, by necessity.
I did notice that most Linuxes are not vulnerable:"The... bug is mitigated by default on most Linux distributions, thanks to their correct implementation of the mmap\_min\_addr feature.
"
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980912</id>
	<title>Re:Local access has never been secure.</title>
	<author>Tetsujin</author>
	<datestamp>1257013260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>With all the various different interfaces we have today, shell access is something only a small percentage of people need.  Even those you could likely limit down to a few administrators, some programmers, and possibly a few special cases.</p></div><p>Here's the thing, though: a shell doesn't actually grant you any power that you don't already have.  It is an interface through which you can run programs, nothing more.  Most window systems have a "run command" dialog, file managers that let you explore the whole filesystem and run whatever you like, and any number of programs installed which might allow users to run any program on the system they have access to - in this environment, disallowing use of the shell is meaningless.  It doesn't limit what the users can do, it just makes the interface worse.</p><p>A server that provides shared web hosting is a good example of why this kind of usage needs to be safe.  Individual users can benefit from using the shell - but even if you were to block shell access, these users need to run PHP, Python, or Ruby, which would grant them the same ability to run programs...  It's not so bad if a user on a system like this causes a small amount of trouble (like running a fork-bomb or otherwise grinding the system to a halt) - people will be upset, but the offender has more to lose than to gain in a case like that.  But if a user can escalate themselves to root, they can sabotage other users' content, they can take over the system and do whatever they want, etc.  This is a much more dangerous capability.</p></div>
	</htmltext>
<tokenext>With all the various different interfaces we have today , shell access is something only a small percentage of people need .
Even those you could likely limit down to a few administrators , some programmers , and possibly a few special cases.Here 's the thing , though : a shell does n't actually grant you any power that you do n't already have .
It is an interface through which you can run programs , nothing more .
Most window systems have a " run command " dialog , file managers that let you explore the whole filesystem and run whatever you like , and any number of programs installed which might allow users to run any program on the system they have access to - in this environment , disallowing use of the shell is meaningless .
It does n't limit what the users can do , it just makes the interface worse.A server that provides shared web hosting is a good example of why this kind of usage needs to be safe .
Individual users can benefit from using the shell - but even if you were to block shell access , these users need to run PHP , Python , or Ruby , which would grant them the same ability to run programs... It 's not so bad if a user on a system like this causes a small amount of trouble ( like running a fork-bomb or otherwise grinding the system to a halt ) - people will be upset , but the offender has more to lose than to gain in a case like that .
But if a user can escalate themselves to root , they can sabotage other users ' content , they can take over the system and do whatever they want , etc .
This is a much more dangerous capability .</tokentext>
<sentencetext>With all the various different interfaces we have today, shell access is something only a small percentage of people need.
Even those you could likely limit down to a few administrators, some programmers, and possibly a few special cases.Here's the thing, though: a shell doesn't actually grant you any power that you don't already have.
It is an interface through which you can run programs, nothing more.
Most window systems have a "run command" dialog, file managers that let you explore the whole filesystem and run whatever you like, and any number of programs installed which might allow users to run any program on the system they have access to - in this environment, disallowing use of the shell is meaningless.
It doesn't limit what the users can do, it just makes the interface worse.A server that provides shared web hosting is a good example of why this kind of usage needs to be safe.
Individual users can benefit from using the shell - but even if you were to block shell access, these users need to run PHP, Python, or Ruby, which would grant them the same ability to run programs...  It's not so bad if a user on a system like this causes a small amount of trouble (like running a fork-bomb or otherwise grinding the system to a halt) - people will be upset, but the offender has more to lose than to gain in a case like that.
But if a user can escalate themselves to root, they can sabotage other users' content, they can take over the system and do whatever they want, etc.
This is a much more dangerous capability.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978136</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978350</id>
	<title>Re:Patch</title>
	<author>Anonymous</author>
	<datestamp>1257005160000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Incredibly informative and an easy fix.  Thanks, Tom^3!  Truly, I tell thee, this is the year of the Linux Desktop!</p></htmltext>
<tokenext>Incredibly informative and an easy fix .
Thanks , Tom ^ 3 !
Truly , I tell thee , this is the year of the Linux Desktop !</tokentext>
<sentencetext>Incredibly informative and an easy fix.
Thanks, Tom^3!
Truly, I tell thee, this is the year of the Linux Desktop!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977430</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29986050</id>
	<title>Re:What's the deal with the masturbating monkeys?</title>
	<author>gad\_zuki!</author>
	<datestamp>1256985000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Aging nerds trying to sound cool when they were never good with clever insults to begin with?</p></htmltext>
<tokenext>Aging nerds trying to sound cool when they were never good with clever insults to begin with ?</tokentext>
<sentencetext>Aging nerds trying to sound cool when they were never good with clever insults to begin with?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977924</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982708</id>
	<title>Being Right...</title>
	<author>labradore</author>
	<datestamp>1257018300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><i>Theo said: </i> <p><div class="quote"><p>If anyone wants a choice quote from me about the recent Linux holes,
this is what I have to say:

    Linus is too busy thinking about masturabating monkeys, he doesn't
    have time to care about Linux security.</p></div><p>

Being both right and being an asshole still makes you an asshole. People can improve their perspective on technical matters by listening to those who are better informed. However, virtually no one will listen to a better informed jerk just because he's right. Linus has a good point. The user base for windows is an order of magnitude higher than Linux which is Linux has an order of magnitude higher deployment than OpenBSD. Though being more popular doesn't make any system or the people that build the system any better, it's terribly counterproductive to actively alienate the vast majority of those who could benefit a change in thinking about security by being inflammatory to any and all who don't automatically agree.</p></div>
	</htmltext>
<tokenext>Theo said : If anyone wants a choice quote from me about the recent Linux holes , this is what I have to say : Linus is too busy thinking about masturabating monkeys , he does n't have time to care about Linux security .
Being both right and being an asshole still makes you an asshole .
People can improve their perspective on technical matters by listening to those who are better informed .
However , virtually no one will listen to a better informed jerk just because he 's right .
Linus has a good point .
The user base for windows is an order of magnitude higher than Linux which is Linux has an order of magnitude higher deployment than OpenBSD .
Though being more popular does n't make any system or the people that build the system any better , it 's terribly counterproductive to actively alienate the vast majority of those who could benefit a change in thinking about security by being inflammatory to any and all who do n't automatically agree .</tokentext>
<sentencetext>Theo said:  If anyone wants a choice quote from me about the recent Linux holes,
this is what I have to say:

    Linus is too busy thinking about masturabating monkeys, he doesn't
    have time to care about Linux security.
Being both right and being an asshole still makes you an asshole.
People can improve their perspective on technical matters by listening to those who are better informed.
However, virtually no one will listen to a better informed jerk just because he's right.
Linus has a good point.
The user base for windows is an order of magnitude higher than Linux which is Linux has an order of magnitude higher deployment than OpenBSD.
Though being more popular doesn't make any system or the people that build the system any better, it's terribly counterproductive to actively alienate the vast majority of those who could benefit a change in thinking about security by being inflammatory to any and all who don't automatically agree.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977310</id>
	<title>First post</title>
	<author>wisty</author>
	<datestamp>1257000780000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>But you don't know if I didn't just hack the servers<nobr> <wbr></nobr>;)</p></htmltext>
<tokenext>But you do n't know if I did n't just hack the servers ; )</tokentext>
<sentencetext>But you don't know if I didn't just hack the servers ;)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977674</id>
	<title>On the bright side...</title>
	<author>gzipped\_tar</author>
	<datestamp>1257002520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>... most distro maintainers seem to be doing a good job backporting fixes and features from upstream to the "mainline" kernels. At least this is true with Fedora, whose maintainers keeps cherrypicking fixes from 2.6.31 or rc for the mainline F11 2.6.30 kernels.</htmltext>
<tokenext>... most distro maintainers seem to be doing a good job backporting fixes and features from upstream to the " mainline " kernels .
At least this is true with Fedora , whose maintainers keeps cherrypicking fixes from 2.6.31 or rc for the mainline F11 2.6.30 kernels .</tokentext>
<sentencetext>... most distro maintainers seem to be doing a good job backporting fixes and features from upstream to the "mainline" kernels.
At least this is true with Fedora, whose maintainers keeps cherrypicking fixes from 2.6.31 or rc for the mainline F11 2.6.30 kernels.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977990</id>
	<title>Re:Isn't this a dupe?</title>
	<author>Anonymous</author>
	<datestamp>1257003780000</datestamp>
	<modclass>Funny</modclass>
	<modscore>1</modscore>
	<htmltext><p>What? You mean I don't have to wait until patch tuesday? Outrageous!</p></htmltext>
<tokenext>What ?
You mean I do n't have to wait until patch tuesday ?
Outrageous !</tokentext>
<sentencetext>What?
You mean I don't have to wait until patch tuesday?
Outrageous!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978096</id>
	<title>Re:Same Exploit from July?</title>
	<author>JasterBobaMereel</author>
	<datestamp>1257004200000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>1</modscore>
	<htmltext><p>So it's really a bad design on Intel chips, that all operating system have to work around, except Windows which requires it to work like this...<nobr> <wbr></nobr>...and on most Linux and BSD systems it will not work even if unpatched<nobr> <wbr></nobr>... and it has already been patched<nobr> <wbr></nobr>... and you need to be able to get a user on the local machine to run an app to exploit it (most users install from the Package Manager and so will never run a random downloaded app), and this does not appear to be a remote exploit?</p></htmltext>
<tokenext>So it 's really a bad design on Intel chips , that all operating system have to work around , except Windows which requires it to work like this... ...and on most Linux and BSD systems it will not work even if unpatched ... and it has already been patched ... and you need to be able to get a user on the local machine to run an app to exploit it ( most users install from the Package Manager and so will never run a random downloaded app ) , and this does not appear to be a remote exploit ?</tokentext>
<sentencetext>So it's really a bad design on Intel chips, that all operating system have to work around, except Windows which requires it to work like this... ...and on most Linux and BSD systems it will not work even if unpatched ... and it has already been patched ... and you need to be able to get a user on the local machine to run an app to exploit it (most users install from the Package Manager and so will never run a random downloaded app), and this does not appear to be a remote exploit?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977406</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978818</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Anonymous</author>
	<datestamp>1257006720000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p>Exactly, right before Nymphomaniac Nightingale</p></htmltext>
<tokenext>Exactly , right before Nymphomaniac Nightingale</tokentext>
<sentencetext>Exactly, right before Nymphomaniac Nightingale</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29992010</id>
	<title>Morrons</title>
	<author>CisJokey</author>
	<datestamp>1257454320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>So the uber idiot is calling the next idiot an idiot, because of an idiot architecture...

Get a job and get adult you morrons.</htmltext>
<tokenext>So the uber idiot is calling the next idiot an idiot , because of an idiot architecture.. . Get a job and get adult you morrons .</tokentext>
<sentencetext>So the uber idiot is calling the next idiot an idiot, because of an idiot architecture...

Get a job and get adult you morrons.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981102</id>
	<title>So fix it and be happy</title>
	<author>sjames</author>
	<datestamp>1257013740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It's very simple. If you're running a server, as a few pointed out here, add vm.mmap\_min\_addr=4096 to your<nobr> <wbr></nobr>/etc/sysctl.conf to protect the system on future reboots and do echo "4096" &gt;/proc/sys/vm/mmap\_min\_addr to protect the system now.</p><p>If for desktop machines, consider doing the same thing but keep in mind that wine might not work if you do.</p><p>Perhaps that value should be the default, but it's not as if the fix is deeply complex or even requires a kernel update. Either way, it is a tradeoff. The various distros arguably should update sysctl.conf to fix this, but then a lot of Wine users might get very surprised.</p></htmltext>
<tokenext>It 's very simple .
If you 're running a server , as a few pointed out here , add vm.mmap \ _min \ _addr = 4096 to your /etc/sysctl.conf to protect the system on future reboots and do echo " 4096 " &gt; /proc/sys/vm/mmap \ _min \ _addr to protect the system now.If for desktop machines , consider doing the same thing but keep in mind that wine might not work if you do.Perhaps that value should be the default , but it 's not as if the fix is deeply complex or even requires a kernel update .
Either way , it is a tradeoff .
The various distros arguably should update sysctl.conf to fix this , but then a lot of Wine users might get very surprised .</tokentext>
<sentencetext>It's very simple.
If you're running a server, as a few pointed out here, add vm.mmap\_min\_addr=4096 to your /etc/sysctl.conf to protect the system on future reboots and do echo "4096" &gt;/proc/sys/vm/mmap\_min\_addr to protect the system now.If for desktop machines, consider doing the same thing but keep in mind that wine might not work if you do.Perhaps that value should be the default, but it's not as if the fix is deeply complex or even requires a kernel update.
Either way, it is a tradeoff.
The various distros arguably should update sysctl.conf to fix this, but then a lot of Wine users might get very surprised.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346</id>
	<title>Isn't this a dupe?</title>
	<author>Anonymous</author>
	<datestamp>1257000960000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext><p>Surely <a href="http://linux.slashdot.org/story/09/08/13/2022212/Local-Privilege-Escalation-On-All-Linux-Kernels" title="slashdot.org">this</a> [slashdot.org] is the same story, from 2 months ago.</p></htmltext>
<tokenext>Surely this [ slashdot.org ] is the same story , from 2 months ago .</tokentext>
<sentencetext>Surely this [slashdot.org] is the same story, from 2 months ago.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981402</id>
	<title>Re:Isn't this a dupe?</title>
	<author>Anonymous</author>
	<datestamp>1257014640000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>FYI, it's also 65536 on my 9.04 desktop.</p></htmltext>
<tokenext>FYI , it 's also 65536 on my 9.04 desktop .</tokentext>
<sentencetext>FYI, it's also 65536 on my 9.04 desktop.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977404</id>
	<title>Another story that isnt a story</title>
	<author>Anonymous</author>
	<datestamp>1257001200000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext><p>The lead in says its "a bug in most deployed versions of Linux"</p><p>Then says in the excerpt " in the upcoming 2.6.32 release candidate of the Linux kernel"</p><p>Its a release candidate, therefore it cant be in "most deployed versions".<br>The newest version of Ubuntu (karmic) for instance only uses 2.6.31.</p></htmltext>
<tokenext>The lead in says its " a bug in most deployed versions of Linux " Then says in the excerpt " in the upcoming 2.6.32 release candidate of the Linux kernel " Its a release candidate , therefore it cant be in " most deployed versions " .The newest version of Ubuntu ( karmic ) for instance only uses 2.6.31 .</tokentext>
<sentencetext>The lead in says its "a bug in most deployed versions of Linux"Then says in the excerpt " in the upcoming 2.6.32 release candidate of the Linux kernel"Its a release candidate, therefore it cant be in "most deployed versions".The newest version of Ubuntu (karmic) for instance only uses 2.6.31.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978062</id>
	<title>Nothing more than a publicity stunt?</title>
	<author>BhaKi</author>
	<datestamp>1257004080000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Linus's comment:
"That does not look like a kernel problem to me at all. He's running a setuid program that allows the user to specify its own modules. And then you people are surprised he gets local root?"

Sounds reasonable to me.</htmltext>
<tokenext>Linus 's comment : " That does not look like a kernel problem to me at all .
He 's running a setuid program that allows the user to specify its own modules .
And then you people are surprised he gets local root ?
" Sounds reasonable to me .</tokentext>
<sentencetext>Linus's comment:
"That does not look like a kernel problem to me at all.
He's running a setuid program that allows the user to specify its own modules.
And then you people are surprised he gets local root?
"

Sounds reasonable to me.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981364</id>
	<title>Re:What's the deal with the masturbating monkeys?</title>
	<author>Anonymous</author>
	<datestamp>1257014520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>They are Zen speak. What kind of code stink does an empty function body emit? (answer: For a cause, there is a consequence. I is empty.) Not even an exception has risen, is there a still a crash or not? (answer: Mount Sumeru!) Does this scheduler have the property of fairness to it or not? (answer: W&#250;) What is a kernel? (answer: Three pounds of flax.)</p></htmltext>
<tokenext>They are Zen speak .
What kind of code stink does an empty function body emit ?
( answer : For a cause , there is a consequence .
I is empty .
) Not even an exception has risen , is there a still a crash or not ?
( answer : Mount Sumeru !
) Does this scheduler have the property of fairness to it or not ?
( answer : W   ) What is a kernel ?
( answer : Three pounds of flax .
)</tokentext>
<sentencetext>They are Zen speak.
What kind of code stink does an empty function body emit?
(answer: For a cause, there is a consequence.
I is empty.
) Not even an exception has risen, is there a still a crash or not?
(answer: Mount Sumeru!
) Does this scheduler have the property of fairness to it or not?
(answer: Wú) What is a kernel?
(answer: Three pounds of flax.
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977924</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977462</id>
	<title>Re:Another story that isnt a story</title>
	<author>Xonea</author>
	<datestamp>1257001440000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext>It says that it was only fixed " in the upcoming 2.6.32 release candidate of the Linux kernel" - hence everything before that is vulnerable.<br> <br>
But the bug is not exploitable on ubuntu, because they set vm.mmap\_min\_addr &gt; 0 by default.</htmltext>
<tokenext>It says that it was only fixed " in the upcoming 2.6.32 release candidate of the Linux kernel " - hence everything before that is vulnerable .
But the bug is not exploitable on ubuntu , because they set vm.mmap \ _min \ _addr &gt; 0 by default .</tokentext>
<sentencetext>It says that it was only fixed " in the upcoming 2.6.32 release candidate of the Linux kernel" - hence everything before that is vulnerable.
But the bug is not exploitable on ubuntu, because they set vm.mmap\_min\_addr &gt; 0 by default.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977430</id>
	<title>Patch</title>
	<author>tomtomtom</author>
	<datestamp>1257001320000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext>For those who just want to know how to fix it, you need to apply this <a href="http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ad3960243e55320d74195fb85c975e0a8cc4466c" title="kernel.org">git commit</a> [kernel.org] to your kernel tree and then either recompile and reboot or apply the patch using ksplice.</htmltext>
<tokenext>For those who just want to know how to fix it , you need to apply this git commit [ kernel.org ] to your kernel tree and then either recompile and reboot or apply the patch using ksplice .</tokentext>
<sentencetext>For those who just want to know how to fix it, you need to apply this git commit [kernel.org] to your kernel tree and then either recompile and reboot or apply the patch using ksplice.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29988002</id>
	<title>Re:So?</title>
	<author>kbielefe</author>
	<datestamp>1256992560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>So, anti-Windows people? Whatcha say now?<nobr> <wbr></nobr>;-)</p></div><p>What to say about a bug that's disabled by default in the vast majority of Linux distributions, that was found before an exploit was in the wild, is already patched, and that the main reason people enable is to let them run windows applications?  Ah gee, I don't know, I guess you got us there.</p></div>
	</htmltext>
<tokenext>So , anti-Windows people ?
Wha t cha say now ?
; - ) What to say about a bug that 's disabled by default in the vast majority of Linux distributions , that was found before an exploit was in the wild , is already patched , and that the main reason people enable is to let them run windows applications ?
Ah gee , I do n't know , I guess you got us there .</tokentext>
<sentencetext>So, anti-Windows people?
Whatcha say now?
;-)What to say about a bug that's disabled by default in the vast majority of Linux distributions, that was found before an exploit was in the wild, is already patched, and that the main reason people enable is to let them run windows applications?
Ah gee, I don't know, I guess you got us there.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978404</id>
	<title>Re: no shell access...</title>
	<author>Anonymous</author>
	<datestamp>1257005340000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><i>With all the various different interfaces we have today, shell access is something only a small percentage of people need. Even those you could likely limit down to a few administrators, some programmers, and possibly a few special cases.</i></p><p>Right.  And most machines don't run code from outside, like, oh, javascript?, flash?, java?....</p></htmltext>
<tokenext>With all the various different interfaces we have today , shell access is something only a small percentage of people need .
Even those you could likely limit down to a few administrators , some programmers , and possibly a few special cases.Right .
And most machines do n't run code from outside , like , oh , javascript ? , flash ? , java ? ... .</tokentext>
<sentencetext>With all the various different interfaces we have today, shell access is something only a small percentage of people need.
Even those you could likely limit down to a few administrators, some programmers, and possibly a few special cases.Right.
And most machines don't run code from outside, like, oh, javascript?, flash?, java?....</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978136</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29993184</id>
	<title>More problems from C...</title>
	<author>master\_p</author>
	<datestamp>1257425340000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>...yeah, yeah, I know, it's the programmer's fault, yada yada yada...</p><p>I am not trolling. It's time to move beyond C, to a safer programming language. C is the language of the gods: only gods can make faultless programs with it.</p></htmltext>
<tokenext>...yeah , yeah , I know , it 's the programmer 's fault , yada yada yada...I am not trolling .
It 's time to move beyond C , to a safer programming language .
C is the language of the gods : only gods can make faultless programs with it .</tokentext>
<sentencetext>...yeah, yeah, I know, it's the programmer's fault, yada yada yada...I am not trolling.
It's time to move beyond C, to a safer programming language.
C is the language of the gods: only gods can make faultless programs with it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978830</id>
	<title>Duh?</title>
	<author>adosch</author>
	<datestamp>1257006720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Why is this even tech news worthy?  It's pretty apparent to any *NIX junkie local exploits are JUST as alarming and harmful as external service or remote kernel exploits.  If you're only worried about what external threats and this article caught you by surprise, you should probably go back to the drawing board... or read less<nobr> <wbr></nobr>/. and learn more about the OS you're supporting.  In the Linux environment I support at work, my *biggest* threat are users who know just enough how to be dangerous... and if I see any trend, it's that local exploiting and vulnerabilities should hold a bit more focus an attention, especially with the rise with the Linux desktop movement and the Ubuntu bandwagon; regardless if the user is a power-user, Linux breathing fanatic or wanted to try a Live CD, it's the exposure and curiosity that will bite you on the frontline keeping your users in check.</htmltext>
<tokenext>Why is this even tech news worthy ?
It 's pretty apparent to any * NIX junkie local exploits are JUST as alarming and harmful as external service or remote kernel exploits .
If you 're only worried about what external threats and this article caught you by surprise , you should probably go back to the drawing board... or read less / .
and learn more about the OS you 're supporting .
In the Linux environment I support at work , my * biggest * threat are users who know just enough how to be dangerous... and if I see any trend , it 's that local exploiting and vulnerabilities should hold a bit more focus an attention , especially with the rise with the Linux desktop movement and the Ubuntu bandwagon ; regardless if the user is a power-user , Linux breathing fanatic or wanted to try a Live CD , it 's the exposure and curiosity that will bite you on the frontline keeping your users in check .</tokentext>
<sentencetext>Why is this even tech news worthy?
It's pretty apparent to any *NIX junkie local exploits are JUST as alarming and harmful as external service or remote kernel exploits.
If you're only worried about what external threats and this article caught you by surprise, you should probably go back to the drawing board... or read less /.
and learn more about the OS you're supporting.
In the Linux environment I support at work, my *biggest* threat are users who know just enough how to be dangerous... and if I see any trend, it's that local exploiting and vulnerabilities should hold a bit more focus an attention, especially with the rise with the Linux desktop movement and the Ubuntu bandwagon; regardless if the user is a power-user, Linux breathing fanatic or wanted to try a Live CD, it's the exposure and curiosity that will bite you on the frontline keeping your users in check.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29991188</id>
	<title>Supervisor blocking</title>
	<author>shentino</author>
	<datestamp>1257013080000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>If only there was a way to FORBID the kernel from accessing certain pointers.</p><p>Usually you want to protect the kernel from the user...</p><p>Possible fix:  When switching into kernel mode, mark page zero as not present and invlpg.  Any access to page 0, which btw is userspace that should be guarded with get\_user et-al, would cause a fault.  The exception handler, upon noticing the access was NOT done through the appropriate macro, would oops.</p></htmltext>
<tokenext>If only there was a way to FORBID the kernel from accessing certain pointers.Usually you want to protect the kernel from the user...Possible fix : When switching into kernel mode , mark page zero as not present and invlpg .
Any access to page 0 , which btw is userspace that should be guarded with get \ _user et-al , would cause a fault .
The exception handler , upon noticing the access was NOT done through the appropriate macro , would oops .</tokentext>
<sentencetext>If only there was a way to FORBID the kernel from accessing certain pointers.Usually you want to protect the kernel from the user...Possible fix:  When switching into kernel mode, mark page zero as not present and invlpg.
Any access to page 0, which btw is userspace that should be guarded with get\_user et-al, would cause a fault.
The exception handler, upon noticing the access was NOT done through the appropriate macro, would oops.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330</id>
	<title>So?</title>
	<author>Anonymous</author>
	<datestamp>1257000840000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext>So, anti-Windows people? Whatcha say now?<nobr> <wbr></nobr>;-)</htmltext>
<tokenext>So , anti-Windows people ?
Wha t cha say now ?
; - )</tokentext>
<sentencetext>So, anti-Windows people?
Whatcha say now?
;-)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977480</id>
	<title>Re:So?</title>
	<author>intheshelter</author>
	<datestamp>1257001500000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Get a Mac!!</htmltext>
<tokenext>Get a Mac !
!</tokentext>
<sentencetext>Get a Mac!
!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982226</id>
	<title>Re:So?</title>
	<author>ichthus</author>
	<datestamp>1257017040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Whoa.  Sounds like somebody needs to "get the facts."<nobr> <wbr></nobr>;)</htmltext>
<tokenext>Whoa .
Sounds like somebody needs to " get the facts .
" ; )</tokentext>
<sentencetext>Whoa.
Sounds like somebody needs to "get the facts.
" ;)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978296</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979260</id>
	<title>Re:Isn't this a dupe?</title>
	<author>nevermore94</author>
	<datestamp>1257008160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>So, what if that key doesn't exist at all?  Does that mean you are protected, or vulnerable and can't easily fix it?  We are a SuSE shop, and I have checked all 3 version that we use in production: SuSE 8, SuSE 9, SuSE 10, and all 3 do not have this key.<blockquote><div><p> <tt># sysctl -n vm.mmap\_min\_addr<br>error: 'vm.mmap\_min\_addr' is an unknown key<br>/proc/sys/vm/mmap\_min\_addr: No such file or directory</tt></p></div> </blockquote></div>
	</htmltext>
<tokenext>So , what if that key does n't exist at all ?
Does that mean you are protected , or vulnerable and ca n't easily fix it ?
We are a SuSE shop , and I have checked all 3 version that we use in production : SuSE 8 , SuSE 9 , SuSE 10 , and all 3 do not have this key .
# sysctl -n vm.mmap \ _min \ _addrerror : 'vm.mmap \ _min \ _addr ' is an unknown key/proc/sys/vm/mmap \ _min \ _addr : No such file or directory</tokentext>
<sentencetext>So, what if that key doesn't exist at all?
Does that mean you are protected, or vulnerable and can't easily fix it?
We are a SuSE shop, and I have checked all 3 version that we use in production: SuSE 8, SuSE 9, SuSE 10, and all 3 do not have this key.
# sysctl -n vm.mmap\_min\_addrerror: 'vm.mmap\_min\_addr' is an unknown key/proc/sys/vm/mmap\_min\_addr: No such file or directory 
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29984520</id>
	<title>Re:Same Exploit from July?</title>
	<author>man\_of\_mr\_e</author>
	<datestamp>1256980380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>FYI... "get a user on the local machine" is far more trivial than you might think.  For example, exploiting a flaw that allows arbitrary code execution of the current user in any internet connected application such as FireFox (and there have been a bunch of recent flaws in FF of that variety) will work just fine.  This is called a blended attack and makes use of several flaws to achieve its goals.</p></htmltext>
<tokenext>FYI... " get a user on the local machine " is far more trivial than you might think .
For example , exploiting a flaw that allows arbitrary code execution of the current user in any internet connected application such as FireFox ( and there have been a bunch of recent flaws in FF of that variety ) will work just fine .
This is called a blended attack and makes use of several flaws to achieve its goals .</tokentext>
<sentencetext>FYI... "get a user on the local machine" is far more trivial than you might think.
For example, exploiting a flaw that allows arbitrary code execution of the current user in any internet connected application such as FireFox (and there have been a bunch of recent flaws in FF of that variety) will work just fine.
This is called a blended attack and makes use of several flaws to achieve its goals.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978096</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977538</id>
	<title>Ubuntu</title>
	<author>Anonymous</author>
	<datestamp>1257001860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Then it doesn't exist in karmic.</p><p>"vm.mmap\_min\_addr = 65536"</p></htmltext>
<tokenext>Then it does n't exist in karmic .
" vm.mmap \ _min \ _addr = 65536 "</tokentext>
<sentencetext>Then it doesn't exist in karmic.
"vm.mmap\_min\_addr = 65536"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982780</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Cro Magnon</author>
	<datestamp>1257018480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>*wipes off monitor*</p></htmltext>
<tokenext>* wipes off monitor *</tokentext>
<sentencetext>*wipes off monitor*</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977474</id>
	<title>Full quote from article</title>
	<author>Dareth</author>
	<datestamp>1257001500000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p><i>The null pointer dereference flaw was only <strong>fixed</strong> in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable.</i></p><p>You know you can click on the article links and actually read them.</p></htmltext>
<tokenext>The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel , making virtually all production versions in use at the moment vulnerable.You know you can click on the article links and actually read them .</tokentext>
<sentencetext>The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable.You know you can click on the article links and actually read them.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980240</id>
	<title>Re:Another story that isnt a story</title>
	<author>munctional</author>
	<datestamp>1257011100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You have WINE installed. It sets the value to 0.</htmltext>
<tokenext>You have WINE installed .
It sets the value to 0 .</tokentext>
<sentencetext>You have WINE installed.
It sets the value to 0.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977956</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977376</id>
	<title>obvious troll is obvious.</title>
	<author>Anonymous</author>
	<datestamp>1257001080000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>So, anti-Windows people? Whatcha say now?<nobr> <wbr></nobr>;-)</p></div><p>Thank god that independent forces are out there finding <b>and</b> reporting kernel bugs in Linux. If only the bug-finders for windows were so altruistic.</p></div>
	</htmltext>
<tokenext>So , anti-Windows people ?
Wha t cha say now ?
; - ) Thank god that independent forces are out there finding and reporting kernel bugs in Linux .
If only the bug-finders for windows were so altruistic .</tokentext>
<sentencetext>So, anti-Windows people?
Whatcha say now?
;-)Thank god that independent forces are out there finding and reporting kernel bugs in Linux.
If only the bug-finders for windows were so altruistic.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982968</id>
	<title>Re:Isn't this a dupe?</title>
	<author>PNutts</author>
	<datestamp>1257019080000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Just type sysctl -w vm.mmap\_min\_addr=4096 in your box (or any other number &gt; 0) and you are safe.</p></div><p>sysctl -w vm.mmap\_min\_addr=11</p><p>Now I'm safer than everyone else.</p></div>
	</htmltext>
<tokenext>Just type sysctl -w vm.mmap \ _min \ _addr = 4096 in your box ( or any other number &gt; 0 ) and you are safe.sysctl -w vm.mmap \ _min \ _addr = 11Now I 'm safer than everyone else .</tokentext>
<sentencetext>Just type sysctl -w vm.mmap\_min\_addr=4096 in your box (or any other number &gt; 0) and you are safe.sysctl -w vm.mmap\_min\_addr=11Now I'm safer than everyone else.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977606</id>
	<title>Re:Patch</title>
	<author>Anonymous</author>
	<datestamp>1257002160000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Reboot? What's that?</p></htmltext>
<tokenext>Reboot ?
What 's that ?</tokentext>
<sentencetext>Reboot?
What's that?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977430</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978056</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Anonymous</author>
	<datestamp>1257004020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><i>Before people jump on Theo's comment, it's worth pointing out that it was Linus who first described the OpenBSD developers as "masturbating monkeys".</i></p><p>Probably true, but BSD has better booth babes. Sexy daemons instead of fat-ass penguins:</p><p><a href="http://freebsd-image-gallery.netcode.pl/?gallery=Daemonette" title="netcode.pl" rel="nofollow">http://freebsd-image-gallery.netcode.pl/?gallery=Daemonette</a> [netcode.pl]</p></htmltext>
<tokenext>Before people jump on Theo 's comment , it 's worth pointing out that it was Linus who first described the OpenBSD developers as " masturbating monkeys " .Probably true , but BSD has better booth babes .
Sexy daemons instead of fat-ass penguins : http : //freebsd-image-gallery.netcode.pl/ ? gallery = Daemonette [ netcode.pl ]</tokentext>
<sentencetext>Before people jump on Theo's comment, it's worth pointing out that it was Linus who first described the OpenBSD developers as "masturbating monkeys".Probably true, but BSD has better booth babes.
Sexy daemons instead of fat-ass penguins:http://freebsd-image-gallery.netcode.pl/?gallery=Daemonette [netcode.pl]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978550</id>
	<title>Re:Patch</title>
	<author>Anonymous</author>
	<datestamp>1257005940000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>That fix is kind of a pain because you have to reboot Linux.  I've found a much more logical fix <a href="http://www.microsoft.com/windows/windows-7/" title="microsoft.com" rel="nofollow">here</a> [microsoft.com].</p></htmltext>
<tokenext>That fix is kind of a pain because you have to reboot Linux .
I 've found a much more logical fix here [ microsoft.com ] .</tokentext>
<sentencetext>That fix is kind of a pain because you have to reboot Linux.
I've found a much more logical fix here [microsoft.com].</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977430</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979228</id>
	<title>Linus' insults show he lost the argument</title>
	<author>Anonymous</author>
	<datestamp>1257008040000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>1</modscore>
	<htmltext><p>Linus Torvalds called Theo and Developers masturbating monkeys. That is obviously an insult and insults are the last refuge of the out-argued. Insulting propositions obviously aren't logical but purely dialectical in nature. Doc Johnson and the philosopher Arthur Schopenhauer wrote about insults being the last refuge of the out-argued. Linux is not a good OS in my opinion so I use OpenBSD and NetBSD instead.</p></htmltext>
<tokenext>Linus Torvalds called Theo and Developers masturbating monkeys .
That is obviously an insult and insults are the last refuge of the out-argued .
Insulting propositions obviously are n't logical but purely dialectical in nature .
Doc Johnson and the philosopher Arthur Schopenhauer wrote about insults being the last refuge of the out-argued .
Linux is not a good OS in my opinion so I use OpenBSD and NetBSD instead .</tokentext>
<sentencetext>Linus Torvalds called Theo and Developers masturbating monkeys.
That is obviously an insult and insults are the last refuge of the out-argued.
Insulting propositions obviously aren't logical but purely dialectical in nature.
Doc Johnson and the philosopher Arthur Schopenhauer wrote about insults being the last refuge of the out-argued.
Linux is not a good OS in my opinion so I use OpenBSD and NetBSD instead.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978046</id>
	<title>I'm in your Linux box</title>
	<author>LuxMaker</author>
	<datestamp>1257004020000</datestamp>
	<modclass>Redundant</modclass>
	<modscore>0</modscore>
	<htmltext>Getting your root access.</htmltext>
<tokenext>Getting your root access .</tokentext>
<sentencetext>Getting your root access.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979090</id>
	<title>Re:Somebody fill me in..</title>
	<author>True Grit</author>
	<datestamp>1257007620000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>What's the beef between Linus and Theo?</p></div><p>Theo is in charge of a BSD-based kernel that is only concerned with security, while Linus is in charge of a kernel that has to accommodate a much wider audience (like people who want to run Wine), and, of course, since both of them also have largish egos, they've both managed to say some silly things about each other's kernel...</p><p>Basically, unless you're already a Linus or Theo fanboy, their 'bickering' is not that important.<nobr> <wbr></nobr>:)</p></div>
	</htmltext>
<tokenext>What 's the beef between Linus and Theo ? Theo is in charge of a BSD-based kernel that is only concerned with security , while Linus is in charge of a kernel that has to accommodate a much wider audience ( like people who want to run Wine ) , and , of course , since both of them also have largish egos , they 've both managed to say some silly things about each other 's kernel...Basically , unless you 're already a Linus or Theo fanboy , their 'bickering ' is not that important .
: )</tokentext>
<sentencetext>What's the beef between Linus and Theo?Theo is in charge of a BSD-based kernel that is only concerned with security, while Linus is in charge of a kernel that has to accommodate a much wider audience (like people who want to run Wine), and, of course, since both of them also have largish egos, they've both managed to say some silly things about each other's kernel...Basically, unless you're already a Linus or Theo fanboy, their 'bickering' is not that important.
:)
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977602</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978146</id>
	<title>Re:Somebody fill me in..</title>
	<author>teknopurge</author>
	<datestamp>1257004440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Theo is a rock star when it comes to OS code, and as such has the attitude to go along with it.  More power to him.</htmltext>
<tokenext>Theo is a rock star when it comes to OS code , and as such has the attitude to go along with it .
More power to him .</tokentext>
<sentencetext>Theo is a rock star when it comes to OS code, and as such has the attitude to go along with it.
More power to him.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977602</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980968</id>
	<title>Re:Same Exploit from July?</title>
	<author>Anonymous</author>
	<datestamp>1257013380000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>No, it's not inherently a bad decision by x86 architecture.  Bad effects from dereferencing a NULL pointer are the responsibility of software, both operating system and application-level.  There are apps for which the ability to use page 0 provides significant speed and functionality advantages.  Through careful design and coding, an operating system can allow these uses  while still protecting itself from NULL pointers, and the OS can do so with no additional runtime costs when page 0 is not used.  Linux just hasn't done so yet.</p></htmltext>
<tokenext>No , it 's not inherently a bad decision by x86 architecture .
Bad effects from dereferencing a NULL pointer are the responsibility of software , both operating system and application-level .
There are apps for which the ability to use page 0 provides significant speed and functionality advantages .
Through careful design and coding , an operating system can allow these uses while still protecting itself from NULL pointers , and the OS can do so with no additional runtime costs when page 0 is not used .
Linux just has n't done so yet .</tokentext>
<sentencetext>No, it's not inherently a bad decision by x86 architecture.
Bad effects from dereferencing a NULL pointer are the responsibility of software, both operating system and application-level.
There are apps for which the ability to use page 0 provides significant speed and functionality advantages.
Through careful design and coding, an operating system can allow these uses  while still protecting itself from NULL pointers, and the OS can do so with no additional runtime costs when page 0 is not used.
Linux just hasn't done so yet.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978096</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850</id>
	<title>Re:Isn't this a dupe?</title>
	<author>tayhimself</author>
	<datestamp>1257003300000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext>This solution works, please see the links below. However I would reccomend seing what your settings are on your system<br>
<i>$ sysctl -n vm.mmap\_min\_addr </i> to find what your setting is.<br>
On Ubuntu 8.04 LTS servers (including Xen kernels) and on 9.10 desktops it is 65536. Not a big deal.<br>

<a href="http://wiki.debian.org/mmap\_min\_addr" title="debian.org">http://wiki.debian.org/mmap\_min\_addr</a> [debian.org] <br>
<a href="https://lists.ubuntu.com/archives/ubuntu-devel/2008-July/025805.html" title="ubuntu.com">https://lists.ubuntu.com/archives/ubuntu-devel/2008-July/025805.html</a> [ubuntu.com] <br>
<a href="http://www.securityfocus.com/bid/26831/info" title="securityfocus.com">http://www.securityfocus.com/bid/26831/info</a> [securityfocus.com]</htmltext>
<tokenext>This solution works , please see the links below .
However I would reccomend seing what your settings are on your system $ sysctl -n vm.mmap \ _min \ _addr to find what your setting is .
On Ubuntu 8.04 LTS servers ( including Xen kernels ) and on 9.10 desktops it is 65536 .
Not a big deal .
http : //wiki.debian.org/mmap \ _min \ _addr [ debian.org ] https : //lists.ubuntu.com/archives/ubuntu-devel/2008-July/025805.html [ ubuntu.com ] http : //www.securityfocus.com/bid/26831/info [ securityfocus.com ]</tokentext>
<sentencetext>This solution works, please see the links below.
However I would reccomend seing what your settings are on your system
$ sysctl -n vm.mmap\_min\_addr  to find what your setting is.
On Ubuntu 8.04 LTS servers (including Xen kernels) and on 9.10 desktops it is 65536.
Not a big deal.
http://wiki.debian.org/mmap\_min\_addr [debian.org] 
https://lists.ubuntu.com/archives/ubuntu-devel/2008-July/025805.html [ubuntu.com] 
http://www.securityfocus.com/bid/26831/info [securityfocus.com]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977604</id>
	<title>And?</title>
	<author>FlyingBishop</author>
	<datestamp>1257002160000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>5</modscore>
	<htmltext><p>Torvalds:</p><blockquote><div><p>That does not look like a kernel problem to me at all. He's running a setuid program that allows the user to specify its own modules. And then you people are surprised he gets local root?</p></div></blockquote><p>Am I missing something? Torvald's reply actually sounds pretty reasonable to me here. It might be nice if this exploit could be patched, but it seems a little preposterous to me that you could make that work in a way that doesn't leave an exploit. I'd say you need to be locking down your suid binaries more, not blaming kernel management.</p></div>
	</htmltext>
<tokenext>Torvalds : That does not look like a kernel problem to me at all .
He 's running a setuid program that allows the user to specify its own modules .
And then you people are surprised he gets local root ? Am I missing something ?
Torvald 's reply actually sounds pretty reasonable to me here .
It might be nice if this exploit could be patched , but it seems a little preposterous to me that you could make that work in a way that does n't leave an exploit .
I 'd say you need to be locking down your suid binaries more , not blaming kernel management .</tokentext>
<sentencetext>Torvalds:That does not look like a kernel problem to me at all.
He's running a setuid program that allows the user to specify its own modules.
And then you people are surprised he gets local root?Am I missing something?
Torvald's reply actually sounds pretty reasonable to me here.
It might be nice if this exploit could be patched, but it seems a little preposterous to me that you could make that work in a way that doesn't leave an exploit.
I'd say you need to be locking down your suid binaries more, not blaming kernel management.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977388</id>
	<title>Stupid masturbating monkeys...</title>
	<author>Anonymous</author>
	<datestamp>1257001140000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>...they should've listened to Linus and ignored this until now, like all the others. Linus knows best.</p></htmltext>
<tokenext>...they should 've listened to Linus and ignored this until now , like all the others .
Linus knows best .</tokentext>
<sentencetext>...they should've listened to Linus and ignored this until now, like all the others.
Linus knows best.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977350</id>
	<title>huh?</title>
	<author>Anonymous</author>
	<datestamp>1257001020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><blockquote><div><p> <b>Deliberate</b>Bug In Most Linuxes Can Give Untrusted Users Root</p></div></blockquote><p>  fixed that for u.</p><p>Everyone knows that....don't they?</p></div>
	</htmltext>
<tokenext>DeliberateBug In Most Linuxes Can Give Untrusted Users Root fixed that for u.Everyone knows that....do n't they ?</tokentext>
<sentencetext> DeliberateBug In Most Linuxes Can Give Untrusted Users Root  fixed that for u.Everyone knows that....don't they?
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978090</id>
	<title>Kernel default?</title>
	<author>gweihir</author>
	<datestamp>1257004140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Just checked my installations (Debian with custom kernel from kernel.org). They are all at 4096 for mmap\_min\_addr (and hence not vulnerable), but I seem to be unable to find a place where this is set. Does anybody know whether this is the kernel default?</p></htmltext>
<tokenext>Just checked my installations ( Debian with custom kernel from kernel.org ) .
They are all at 4096 for mmap \ _min \ _addr ( and hence not vulnerable ) , but I seem to be unable to find a place where this is set .
Does anybody know whether this is the kernel default ?</tokentext>
<sentencetext>Just checked my installations (Debian with custom kernel from kernel.org).
They are all at 4096 for mmap\_min\_addr (and hence not vulnerable), but I seem to be unable to find a place where this is set.
Does anybody know whether this is the kernel default?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979140</id>
	<title>Theo de Raadt is my hero</title>
	<author>OrangeTide</author>
	<datestamp>1257007800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I'm glad I don't work with Theo de Raadt. He's a tremendous douche when he's right, and a tremendous douche when he's wrong.</p></htmltext>
<tokenext>I 'm glad I do n't work with Theo de Raadt .
He 's a tremendous douche when he 's right , and a tremendous douche when he 's wrong .</tokentext>
<sentencetext>I'm glad I don't work with Theo de Raadt.
He's a tremendous douche when he's right, and a tremendous douche when he's wrong.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980324</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Anonymous</author>
	<datestamp>1257011340000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Ubuntu does spoonerisms</p><p>Hardy Heron -&gt; Hairy Hard-on</p><p>Masturbating Monkey -&gt; Monster-baiting Mackie</p></htmltext>
<tokenext>Ubuntu does spoonerismsHardy Heron - &gt; Hairy Hard-onMasturbating Monkey - &gt; Monster-baiting Mackie</tokentext>
<sentencetext>Ubuntu does spoonerismsHardy Heron -&gt; Hairy Hard-onMasturbating Monkey -&gt; Monster-baiting Mackie</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981398</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>bill\_mcgonigle</author>
	<datestamp>1257014580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>that's gold.</p></htmltext>
<tokenext>that 's gold .</tokentext>
<sentencetext>that's gold.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977468</id>
	<title>Re:So?</title>
	<author>Aim Here</author>
	<datestamp>1257001440000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>Hah, this just shows how EFFICIENT Linux is. Until recently, Windows achieved their local privilege escalation vulnerability rollout by having almost every home user running as fully privileged administrator accounts all the time. Linux achieves all this through a small tweak to the kernel build system, thus getting this feature to 100\% of Linux users without any manual intervention at all.</p></htmltext>
<tokenext>Hah , this just shows how EFFICIENT Linux is .
Until recently , Windows achieved their local privilege escalation vulnerability rollout by having almost every home user running as fully privileged administrator accounts all the time .
Linux achieves all this through a small tweak to the kernel build system , thus getting this feature to 100 \ % of Linux users without any manual intervention at all .</tokentext>
<sentencetext>Hah, this just shows how EFFICIENT Linux is.
Until recently, Windows achieved their local privilege escalation vulnerability rollout by having almost every home user running as fully privileged administrator accounts all the time.
Linux achieves all this through a small tweak to the kernel build system, thus getting this feature to 100\% of Linux users without any manual intervention at all.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980950</id>
	<title>Re: no shell access...</title>
	<author>Tetsujin</author>
	<datestamp>1257013380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p> <i>With all the various different interfaces we have today, shell access is something only a small percentage of people need. Even those you could likely limit down to a few administrators, some programmers, and possibly a few special cases.</i> </p><p>Right.  And most machines don't run code from outside, like, oh, javascript?, flash?, java?....</p></div><p>Javascript, flash, and java (on the web, I mean) are all run in environments that implement their own forms of protection.  It would, therefore, be very difficult from one of these environments to do something like a null pointer exploit.</p></div>
	</htmltext>
<tokenext>With all the various different interfaces we have today , shell access is something only a small percentage of people need .
Even those you could likely limit down to a few administrators , some programmers , and possibly a few special cases .
Right. And most machines do n't run code from outside , like , oh , javascript ? , flash ? , java ? ....Javascript , flash , and java ( on the web , I mean ) are all run in environments that implement their own forms of protection .
It would , therefore , be very difficult from one of these environments to do something like a null pointer exploit .</tokentext>
<sentencetext> With all the various different interfaces we have today, shell access is something only a small percentage of people need.
Even those you could likely limit down to a few administrators, some programmers, and possibly a few special cases.
Right.  And most machines don't run code from outside, like, oh, javascript?, flash?, java?....Javascript, flash, and java (on the web, I mean) are all run in environments that implement their own forms of protection.
It would, therefore, be very difficult from one of these environments to do something like a null pointer exploit.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981966</id>
	<title>spendergrsec</title>
	<author>Deanalator</author>
	<datestamp>1257016380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>If anyone wants to watch these exploits being written live, you can follow spendergrsec on twitter.<br><a href="http://twitter.com/spendergrsec" title="twitter.com">http://twitter.com/spendergrsec</a> [twitter.com]</p><p>The rate at which spender has been cranking out kernel exploits is insane.  Also it's someone who uses twitter for something for more than informing us what he's eating or when he's pooping, so that's always a plus.</p></htmltext>
<tokenext>If anyone wants to watch these exploits being written live , you can follow spendergrsec on twitter.http : //twitter.com/spendergrsec [ twitter.com ] The rate at which spender has been cranking out kernel exploits is insane .
Also it 's someone who uses twitter for something for more than informing us what he 's eating or when he 's pooping , so that 's always a plus .</tokentext>
<sentencetext>If anyone wants to watch these exploits being written live, you can follow spendergrsec on twitter.http://twitter.com/spendergrsec [twitter.com]The rate at which spender has been cranking out kernel exploits is insane.
Also it's someone who uses twitter for something for more than informing us what he's eating or when he's pooping, so that's always a plus.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977560</id>
	<title>Re:Another story that isnt a story</title>
	<author>raddan</author>
	<datestamp>1257001980000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The bug is <b>fixed</b> in the release candidate.  The point being that "most deployed versions" of Linux do not have the fix.</htmltext>
<tokenext>The bug is fixed in the release candidate .
The point being that " most deployed versions " of Linux do not have the fix .</tokentext>
<sentencetext>The bug is fixed in the release candidate.
The point being that "most deployed versions" of Linux do not have the fix.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>babblefrog</author>
	<datestamp>1257003240000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext>I thought Masturbating Monkey was Ubuntu 10.10?</htmltext>
<tokenext>I thought Masturbating Monkey was Ubuntu 10.10 ?</tokentext>
<sentencetext>I thought Masturbating Monkey was Ubuntu 10.10?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977926</id>
	<title>Re:Same Exploit from July?</title>
	<author>raffo</author>
	<datestamp>1257003540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I looked at the exploit code above, it relies on the pulseaudio binary to be set SUID (run as root when executed). The "exploit" is to run pulseaudio and pass it an executable module, the module, obviously, will run as root as well.</p><p>If pulseaudio is not set SUID, the "exploit" code terminates with an error message... hilarious.</p><p>This seems to me a bunch of "security" experts trying to call attention to themselves.</p></htmltext>
<tokenext>I looked at the exploit code above , it relies on the pulseaudio binary to be set SUID ( run as root when executed ) .
The " exploit " is to run pulseaudio and pass it an executable module , the module , obviously , will run as root as well.If pulseaudio is not set SUID , the " exploit " code terminates with an error message... hilarious.This seems to me a bunch of " security " experts trying to call attention to themselves .</tokentext>
<sentencetext>I looked at the exploit code above, it relies on the pulseaudio binary to be set SUID (run as root when executed).
The "exploit" is to run pulseaudio and pass it an executable module, the module, obviously, will run as root as well.If pulseaudio is not set SUID, the "exploit" code terminates with an error message... hilarious.This seems to me a bunch of "security" experts trying to call attention to themselves.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977406</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979734</id>
	<title>Re:Isn't this a dupe?</title>
	<author>RiotingPacifist</author>
	<datestamp>1257009600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>$cat<nobr> <wbr></nobr>/proc/sys/vm/mmap\_min\_addr<br>65536</p><p>My Fedora 11 desktop is safe</p></htmltext>
<tokenext>$ cat /proc/sys/vm/mmap \ _min \ _addr65536My Fedora 11 desktop is safe</tokentext>
<sentencetext>$cat /proc/sys/vm/mmap\_min\_addr65536My Fedora 11 desktop is safe</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29993446</id>
	<title>Re:What's the deal with the masturbating monkeys?</title>
	<author>bmcage</author>
	<datestamp>1257428160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>It is a word Linus uses from time to time when he wants to make an insult.
<p>
Have a look at <a href="http://www.youtube.com/watch?v=4XpnKHJAok8" title="youtube.com">http://www.youtube.com/watch?v=4XpnKHJAok8</a> [youtube.com], I won't watch it again to give you the minutes at which the word is used, but his body language makes it clear this is not the first time he applies it when a certain situation comes up.
</p><p>
The video gives you an idea of the person he is. You like his style of jokes, or you don't. Perhaps it's something Finnish.</p></htmltext>
<tokenext>It is a word Linus uses from time to time when he wants to make an insult .
Have a look at http : //www.youtube.com/watch ? v = 4XpnKHJAok8 [ youtube.com ] , I wo n't watch it again to give you the minutes at which the word is used , but his body language makes it clear this is not the first time he applies it when a certain situation comes up .
The video gives you an idea of the person he is .
You like his style of jokes , or you do n't .
Perhaps it 's something Finnish .</tokentext>
<sentencetext>It is a word Linus uses from time to time when he wants to make an insult.
Have a look at http://www.youtube.com/watch?v=4XpnKHJAok8 [youtube.com], I won't watch it again to give you the minutes at which the word is used, but his body language makes it clear this is not the first time he applies it when a certain situation comes up.
The video gives you an idea of the person he is.
You like his style of jokes, or you don't.
Perhaps it's something Finnish.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977924</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978076</id>
	<title>Re:Bishop bashing bonobos</title>
	<author>Anonymous</author>
	<datestamp>1257004140000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Considering that deraadt is either<br>a) deliberately mischaracterizing Linus' passing insult as being an article "about" masturbating monkeys<br>or<br>b) completely lacking in reading comprehension that he actually believes what he himself wrote</p><p>I wouldn't want to trust him with MY security, and he certainly has earned the mastubating monkey moniker.</p></htmltext>
<tokenext>Considering that deraadt is eithera ) deliberately mischaracterizing Linus ' passing insult as being an article " about " masturbating monkeysorb ) completely lacking in reading comprehension that he actually believes what he himself wroteI would n't want to trust him with MY security , and he certainly has earned the mastubating monkey moniker .</tokentext>
<sentencetext>Considering that deraadt is eithera) deliberately mischaracterizing Linus' passing insult as being an article "about" masturbating monkeysorb) completely lacking in reading comprehension that he actually believes what he himself wroteI wouldn't want to trust him with MY security, and he certainly has earned the mastubating monkey moniker.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977602</id>
	<title>Somebody fill me in..</title>
	<author>Anonymous</author>
	<datestamp>1257002160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I pay very little attention to open-source politics.  What's the beef between Linus and Theo?  Is it just a matter of dueling egos?</p><p>-jcr</p></htmltext>
<tokenext>I pay very little attention to open-source politics .
What 's the beef between Linus and Theo ?
Is it just a matter of dueling egos ? -jcr</tokentext>
<sentencetext>I pay very little attention to open-source politics.
What's the beef between Linus and Theo?
Is it just a matter of dueling egos?-jcr</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630</id>
	<title>Bishop bashing bonobos</title>
	<author>Anonymous</author>
	<datestamp>1257002340000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext>Before people jump on Theo's comment, it's worth pointing out that it was Linus who first described the OpenBSD developers as "masturbating monkeys". That said, it's still bloody childish irrespective of who it's coming from.</htmltext>
<tokenext>Before people jump on Theo 's comment , it 's worth pointing out that it was Linus who first described the OpenBSD developers as " masturbating monkeys " .
That said , it 's still bloody childish irrespective of who it 's coming from .</tokentext>
<sentencetext>Before people jump on Theo's comment, it's worth pointing out that it was Linus who first described the OpenBSD developers as "masturbating monkeys".
That said, it's still bloody childish irrespective of who it's coming from.</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_43</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982226
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978296
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_39</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978350
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977430
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_42</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29986050
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977924
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_33</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978076
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977606
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977430
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977468
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977480
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_34</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977990
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978274
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29985438
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978056
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_41</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29983870
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979734
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978112
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977602
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977376
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29995910
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980240
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977956
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977462
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977926
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977406
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_37</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980324
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980950
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978404
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978136
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977560
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981398
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_35</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29993446
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977924
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978216
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_40</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981364
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977924
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977686
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29988002
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_38</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29992096
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29986660
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977604
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980912
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978136
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_32</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982400
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982780
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980968
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978096
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977406
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29984520
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978096
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977406
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977474
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978146
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977602
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29985452
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978870
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978818
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_44</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980816
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978066
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981682
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979842
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978550
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977430
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982968
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979090
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977602
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_11_04_0320254_36</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981402
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978136
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980912
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978404
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980950
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977346
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977444
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29995910
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977850
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981402
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979260
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981682
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979734
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977990
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982968
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978274
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978066
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980816
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977406
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978096
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980968
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29984520
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977926
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977602
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978112
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979090
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978146
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977330
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29992096
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977480
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978296
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982226
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977686
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977468
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29988002
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977376
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978090
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29993184
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977604
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29986660
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977924
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29986050
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981364
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29993446
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977538
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977728
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978062
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977430
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978350
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978550
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29979842
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977606
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977404
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977560
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977474
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977462
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977956
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980240
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982708
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977310
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977630
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29983870
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978216
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978056
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29985438
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978076
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978870
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977836
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29985452
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982780
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29980324
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29978818
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29981398
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29982400
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_11_04_0320254.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_11_04_0320254.29977390
</commentlist>
</conversation>
