Re: [Coverity] Untrusted user data in kernel

From: Tomas Carnecky
Date: Fri Dec 17 2004 - 14:37:33 EST

David S. Miller wrote:
On Fri, 17 Dec 2004 14:18:52 +0100
Tomas Carnecky <tom@xxxxxxxxxxxxx> wrote:

IMHO such things (passing values between user/kernel space) should always be checked.

As per Patrick's posting, which James was responding to, it is
checked at the level above this function.

Is only the capability checked or also the data passed to the kernel?
It's not clear from Patricks reply:
> It is already checked in do_ip6t_set_ctl(). Otherwise anyone could
> replace iptables rules :)
For me it seems that only CAP_NET_ADMIN is checked and not the data.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at