| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071013060400.GD8181@ftp.linux.org.uk> Date: Sat, 13 Oct 2007 07:04:00 +0100 From: Al Viro <viro@....linux.org.uk> To: Casey Schaufler <casey@...aufler-ca.com> Cc: torvalds@...l.org, akpm@...l.org, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org Subject: Re: [PATCH] Version 6 (2.6.23) Smack: Simplified Mandatory Access Control Kernel On Fri, Oct 12, 2007 at 10:01:17PM -0700, Casey Schaufler wrote: What do you need smk_sb for? Looks like dead weight... smk_read_load(): obvious seq_file candidate. smk_read_cipso(): ditto. What protects smk_cipso_written? BTW, its use on the read side is an atrocity... smk_write_doi() - WTF would NUL-terminate temp[]? You run sscanf on it... smk_write_direct() - ditto smk_write_ambient() - ditto smk_read_ambient() - who said that you won't get write between strlen() and simple_read_from_buffer()? smk_import_entry(): > + for (skp = smack_known; skp != NULL; skp = skp->smk_next) > + if (skp->smk_known == smack) > + break; Really? With smack[] being an auto array? That's from quick look through the read/write in there; I hadn't really looked into parsers or deeper into the guts. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists