| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20101112224026.GA21134@core2.telecom.by> Date: Sat, 13 Nov 2010 00:40:27 +0200 From: Alexey Dobriyan <adobriyan@...il.com> To: David Miller <davem@...emloft.net> Cc: shemminger@...tta.com, netdev@...r.kernel.org Subject: Re: [PATCH 4/10] Fix leaking of kernel heap addresses in net/ On Fri, Nov 12, 2010 at 12:37:38PM -0800, David Miller wrote: > From: Alexey Dobriyan <adobriyan@...il.com> > Date: Fri, 12 Nov 2010 22:18:50 +0200 > > > On Fri, Nov 12, 2010 at 08:33:15AM -0800, Stephen Hemminger wrote: > >> Also, the whole idea needs to be under a config option, so only > >> the paranoid idiots turn it on. > > > > Would be fun if something will break because ffff8800bcd498c0 > > will become something else. :-) > > Actually, this is not even a joke. > > Take a look at how we track what sockets a user wants dumped via > the inet_diag netlink facility, the socket pointer is used as > the identification cookie. I think we should not expose kernel pointers in future interfaces, but leave existing ones alone. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists