Re: [Coverity] Untrusted user data in kernel
From: Tomas Carnecky
Date: Fri Dec 17 2004 - 14:37:33 EST
David S. Miller wrote:
On Fri, 17 Dec 2004 14:18:52 +0100
Tomas Carnecky <tom@xxxxxxxxxxxxx> wrote:
IMHO such things (passing values between user/kernel space) should
always be checked.
As per Patrick's posting, which James was responding to, it is
checked at the level above this function.
Is only the capability checked or also the data passed to the kernel?
It's not clear from Patricks reply:
> It is already checked in do_ip6t_set_ctl(). Otherwise anyone could
> replace iptables rules :)
For me it seems that only CAP_NET_ADMIN is checked and not the data.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/