Re: [Coverity] Untrusted user data in kernel

To:	Patrick McHardy <kaber@xxxxxxxxx>
Subject:	Re: [Coverity] Untrusted user data in kernel
From:	James Morris <jmorris@xxxxxxxxxx>
Date:	Fri, 17 Dec 2004 01:45:05 -0500 (EST)
Cc:	Bryan Fulton <bryan@xxxxxxxxxxxx>, <netdev@xxxxxxxxxxx>, <netfilter-devel@xxxxxxxxxxxxxxxxxxx>, <linux-kernel@xxxxxxxxxxxxxxx>
In-reply-to:	<41C26DD1.7070006@trash.net>
Sender:	netdev-bounce@xxxxxxxxxxx

On Fri, 17 Dec 2004, Patrick McHardy wrote:

> James Morris wrote:
> 
> >This at least needs CAP_NET_ADMIN.
> >
> It is already checked in do_ip6t_set_ctl(). Otherwise anyone could
> replace iptables rules :)

That's what I meant, you need the capability to do anything bad :-)


- James
-- 
James Morris
<jmorris@xxxxxxxxxx>

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Coverity] Untrusted user data in kernel, James Morris Re: [Coverity] Untrusted user data in kernel, Patrick McHardy Re: [Coverity] Untrusted user data in kernel, James Morris <= Re: [Coverity] Untrusted user data in kernel, Tomas Carnecky Re: [Coverity] Untrusted user data in kernel, David S. Miller Re: [Coverity] Untrusted user data in kernel, Tomas Carnecky Re: [Coverity] Untrusted user data in kernel, David S. Miller Re: [Coverity] Untrusted user data in kernel, Bill Davidsen Re: [Coverity] Untrusted user data in kernel, linux-os Re: [Coverity] Untrusted user data in kernel, Oliver Neukum Re: [Coverity] Untrusted user data in kernel, Bill Davidsen Re: [Coverity] Untrusted user data in kernel, Tomas Carnecky Re: [Coverity] Untrusted user data in kernel, Oliver Neukum

Previous by Date:	Re: [Coverity] Untrusted user data in kernel, Patrick McHardy
Next by Date:	Re: [Coverity] Untrusted user data in kernel, Tomas Carnecky
Previous by Thread:	Re: [Coverity] Untrusted user data in kernel, Patrick McHardy
Next by Thread:	Re: [Coverity] Untrusted user data in kernel, Tomas Carnecky
Indexes:	[Date] [Thread] [Top] [All Lists]