netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Coverity] Untrusted user data in kernel

from [Tomas Carnecky] [Permanent Link][Original]
To: James Morris <jmorris@xxxxxxxxxx>
Subject: Re: [Coverity] Untrusted user data in kernel
From: Tomas Carnecky <tom@xxxxxxxxxxxxx>
Date: Fri, 17 Dec 2004 14:18:52 +0100
Cc: Patrick McHardy <kaber@xxxxxxxxx>, Bryan Fulton <bryan@xxxxxxxxxxxx>, netdev@xxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx
In-reply-to: <Xine.LNX.4.44.0412170144410.12579-100000@thoron.boston.redhat.com>
References: <Xine.LNX.4.44.0412170144410.12579-100000@thoron.boston.redhat.com>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)
James Morris wrote: 
That's what I meant, you need the capability to do anything bad :-)


But.. even if you have the 'permission' to do bad things, it shouldn't be possible.

It's a bug, and only because you can't exploit it if you haven't the right capabilities doesn't make the bug disappear.

IMHO such things (passing values between user/kernel space) should always be checked.

tom

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Coverity] Untrusted user data in kernel, James Morris
Next by Date:  Re: [Coverity] Untrusted user data in kernel, Pavel Machek
Previous by Thread:  Re: [Coverity] Untrusted user data in kernel, James Morris
Next by Thread:  Re: [Coverity] Untrusted user data in kernel, David S. Miller
Indexes:  [Date] [Thread] [Top] [All Lists]