lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Feb 2010 18:10:29 +0100 (MET) From: Patrick McHardy <kaber@...sh.net> To: davem@...emloft.net Cc: netdev@...r.kernel.org, Patrick McHardy <kaber@...sh.net>, netfilter-devel@...r.kernel.org Subject: netfilter 03/05: nf_conntrack: restrict runtime expect hashsize modifications commit 38c7233b287481dfb3327dde136801ce500aba58 Author: Alexey Dobriyan <adobriyan@...il.com> Date: Thu Feb 4 18:24:06 2010 +0100 netfilter: nf_conntrack: restrict runtime expect hashsize modifications Expectation hashtable size was simply glued to a variable with no code to rehash expectations, so it was a bug to allow writing to it. Make "expect_hashsize" readonly. Signed-off-by: Alexey Dobriyan <adobriyan@...il.com> Cc: stable@...nel.org Signed-off-by: Patrick McHardy <kaber@...sh.net> diff --git a/net/netfilter/nf_conntrack_expect.c b/net/netfilter/nf_conntrack_expect.c index fdf5d2a..4ad7d1d 100644 --- a/net/netfilter/nf_conntrack_expect.c +++ b/net/netfilter/nf_conntrack_expect.c @@ -569,7 +569,7 @@ static void exp_proc_remove(struct net *net) #endif /* CONFIG_PROC_FS */ } -module_param_named(expect_hashsize, nf_ct_expect_hsize, uint, 0600); +module_param_named(expect_hashsize, nf_ct_expect_hsize, uint, 0400); int nf_conntrack_expect_init(struct net *net) { -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists