| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110120091505.165737a1@mjolnir.ossman.eu>
Date: Thu, 20 Jan 2011 09:15:05 +0100
From: Pierre Ossman <pierre-list@...man.eu>
To: "David S. Miller" <davem@...emloft.net>
Cc: netdev@...r.kernel.org, Alexey Kuznetsov <kuznet@....inr.ac.ru>,
"Pekka Savola (ipv6)" <pekkas@...core.fi>,
James Morris <jmorris@...ei.org>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
Patrick McHardy <kaber@...sh.net>
Subject: Re: [RFC][PATCH] Export all RA options that we don't handle to
userspace
Ping!
The userspace support is rather useless without these kernel bits...
On Sun, 12 Dec 2010 14:47:06 +0100
Pierre Ossman <pierre-list@...man.eu> wrote:
> Second patch that exports everything. If noone objects to this model,
> then merge the two patches and just use the commit message from the
> second one.
>
> Pros:
> - Kernel doesn't need to be updated for every new RA option that might
> show up.
>
> Cons:
> - Possible security issue if it requires less privilege to read these
> netlink messages than to open a raw ICMPv6 socket.
> - List of types the kernel is interested in is now in two places in the
> code, creating a risk for getting out of sync. I tried to come up
> with a structure that would prevent this, but couldn't think of
> anything that wouldn't require large changes. Ideas welcome...
>
> Rgds
--
-- Pierre Ossman
WARNING: This correspondence is being monitored by FRA, a
Swedish intelligence agency. Make sure your server uses
encryption for SMTP traffic and consider using PGP for
end-to-end encryption.
Download attachment "signature.asc" of type "application/pgp-signature" (231 bytes)
Powered by blists - more mailing lists