Re: [Coverity] Untrusted user data in kernel
From: Tomas Carnecky
Date: Fri Dec 17 2004 - 08:17:41 EST
James Morris wrote:
That's what I meant, you need the capability to do anything bad :-)
But.. even if you have the 'permission' to do bad things, it shouldn't
be possible.
It's a bug, and only because you can't exploit it if you haven't the
right capabilities doesn't make the bug disappear.
IMHO such things (passing values between user/kernel space) should
always be checked.
tom
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/