| To: | linux-os@xxxxxxxxxxxx |
|---|---|
| Subject: | Re: [Coverity] Untrusted user data in kernel |
| From: | Horst von Brand <vonbrand@xxxxxxxxxxxx> |
| Date: | Fri, 17 Dec 2004 22:42:04 -0300 |
| Cc: | Bill Davidsen <davidsen@xxxxxxx>, James Morris <jmorris@xxxxxxxxxx>, Patrick McHardy <kaber@xxxxxxxxx>, Bryan Fulton <bryan@xxxxxxxxxxxx>, netdev@xxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx |
| In-reply-to: | Message from linux-os <linux-os@xxxxxxxxxxxxxxxxxx> of "Fri, 17 Dec 2004 11:11:37 CDT." <Pine.LNX.4.61.0412171108340.4216@xxxxxxxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
linux-os <linux-os@xxxxxxxxxxxxxxxxxx> said: > On Fri, 17 Dec 2004, Bill Davidsen wrote: [...] > > Are you saying that processes with capability don't make mistakes? This > > isn't a bug related to untrusted users doing privileged operations, > > it's a case of using unchecked user data. > But isn't there always the possibility of "unchecked user data"? Yes. But it should be kept to a minimum. > I can, as root, do `cp /dev/zero /dev/mem` and have the most > spectacular crask you've evet seen. I can even make my file- > systems unrecoverable. Right. And you can get rid of /dev/mem if you don't want to screw yourself this way (which is well-known). The problem at hand is _not_ in this same league. -- Dr. Horst H. von Brand User #22616 counter.li.org Departamento de Informatica Fono: +56 32 654431 Universidad Tecnica Federico Santa Maria +56 32 654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513 |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: do_IRQ: stack overflow: 872.., Andi Kleen |
|---|---|
| Next by Date: | Re: LLTX and netif_stop_queue, Roland Dreier |
| Previous by Thread: | Re: [Coverity] Untrusted user data in kernel, Tomas Carnecky |
| Next by Thread: | Re: [Coverity] Untrusted user data in kernel, Pavel Machek |
| Indexes: | [Date] [Thread] [Top] [All Lists] |