[Top] [All Lists]

Re: [Coverity] Untrusted user data in kernel

To: "David S. Miller" <davem@xxxxxxxxxxxxx>
Subject: Re: [Coverity] Untrusted user data in kernel
From: Tomas Carnecky <tom@xxxxxxxxxxxxx>
Date: Fri, 17 Dec 2004 20:34:55 +0100
Cc: jmorris@xxxxxxxxxx, kaber@xxxxxxxxx, bryan@xxxxxxxxxxxx, netdev@xxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx
In-reply-to: <20041217111634.740d4d46.davem@xxxxxxxxxxxxx>
References: <Xine.LNX.4.44.0412170144410.12579-100000@xxxxxxxxxxxxxxxxxxxxxxxx> <41C2DCBC.1080302@xxxxxxxxxxxxx> <20041217111634.740d4d46.davem@xxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)
David S. Miller wrote:
On Fri, 17 Dec 2004 14:18:52 +0100
Tomas Carnecky <tom@xxxxxxxxxxxxx> wrote:

IMHO such things (passing values between user/kernel space) should always be checked.

As per Patrick's posting, which James was responding to, it is
checked at the level above this function.

Is only the capability checked or also the data passed to the kernel?
It's not clear from Patricks reply:
> It is already checked in do_ip6t_set_ctl(). Otherwise anyone could
> replace iptables rules :)
For me it seems that only CAP_NET_ADMIN is checked and not the data.


<Prev in Thread] Current Thread [Next in Thread>