| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 29 Jan 2010 23:32:11 -0500 From: Jon Masters <jonathan@...masters.org> To: linux-kernel <linux-kernel@...r.kernel.org> Cc: netfilter-devel <netfilter-devel@...r.kernel.org> Subject: why is nf_conntrack_htable_size exported? Folks, Can someone tell me why nf_conntrack_htable_size is both an exported symbol, and available in sysfs to be changed? Doing so will surely cause the system to fall over immediately since this is value is used within the hashing code in conntrack. It is /supposed/ to only be changed under a lock, or at init time when there is not a need to lock it. Perhaps we can get this unexported asap and the value replaced with a function that returns the current value instead? Same goes for the module parameter that can freely be messed around with. Thanks, Jon. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists