| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Aug 2012 21:53:16 -0700 (PDT) From: David Miller <davem@...emloft.net> To: pablo@...filter.org Cc: netdev@...r.kernel.org Subject: Re: [PATCH 2/2] [RFC] netlink: fix possible spoofing from non-root processes From: Pablo Neira Ayuso <pablo@...filter.org> Date: Mon, 20 Aug 2012 21:09:15 +0200 > On Sun, Aug 19, 2012 at 11:23:27PM +0200, Pablo Neira Ayuso wrote: >> On Fri, Aug 17, 2012 at 07:22:29PM +0200, pablo@...filter.org wrote: >> [...] >> > [ I don't know any FOSS program making use of Netlink to communicate >> > to processes, please, let me know if I'm missing anyone important ] >> >> Patrick pinged me for little reminder on NETLINK_USERSOCK. We still >> have to allow netlink-to-netlink userspace communication for it. >> >> So, please find a new version of this patch that allows non-root >> processes for that Netlink bus. For others, my patch restricts to root >> processes the ability of sending messages with dst_pid != 0. > > Sorry, I just noticed that you cannot apply this to your net tree > since it depends on patch 1/2 which is not a fix. > > I'll get back to you with one path that you can apply to your net > tree. > > I'll resend 1/2 later to net-next once this has been sorted out. Ok, waiting for new versions of these patches, thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists