Re: [Coverity] Untrusted user data in kernel

[Tomas Carnecky <tom@xxxxxxxxxxxxx>]

linux-os wrote:
> On Fri, 17 Dec 2004, Bill Davidsen wrote:
>
> > James Morris wrote:
> >
> > > On Fri, 17 Dec 2004, Patrick McHardy wrote:
>>>
> > > That's what I meant, you need the capability to do anything bad :-)
> >
> > Are you saying that processes with capability don't make mistakes? 
> > This isn't a bug related to untrusted users doing privileged 
> > operations, it's a case of using unchecked user data.
> But isn't there always the possibility of "unchecked user data"?
> I can, as root, do `cp /dev/zero /dev/mem` and have the most
> spectacular crask you've evet seen. I can even make my file-
> systems unrecoverable.
But the difference between you example (cp /dev/zero /dev/mem) and 
passing unchecked data to the kernel is... you _can_ check the data and 
do something about it if you discover that the data is not valid/within 
a range/whatever even if the user has full permissions.
No same person would do a 'cp /dev/zero /dev/mem', but passing bad data 
is more likely to happen, badly written userspace configuration tools etc.
tom