lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 21 Feb 2011 13:47:09 -0800 From: Phil Karn <karn@...q.net> To: Brent Cook <bcook@...akingpoint.com> CC: Michał Mirosław <mirqus@...il.com>, Eric Dumazet <eric.dumazet@...il.com>, richard -rw- weinberger <richard.weinberger@...il.com>, kaber@...sh.net, netdev@...r.kernel.org Subject: Re: Off-by-one error in net/8021q/vlan.c On 2/21/11 11:26 AM, Brent Cook wrote: >> Allowing it but with a big fat warning in logs is even better: "You >> want your network broken? Sure, can do, but you have been warned." *By all means* have vconfig issue a warning for 4095 just as it already does for vlan 1. As I explained the only reason I wanted to do this was to talk to a piece of equipment that had been misconfigured to use vlan 4095 so I could fix it. At the time I was using a newly built Linux system running off a live CD, and only it had a physical network connection to the device I was trying to fix. I'm reminded of the classic example of an airliner that is so "smart" and "idiot proof" that it always disallows a throttle setting that might shorten the life of the engines. The designers hadn't considered the possibility that such a setting might be necessary to avoid a crash that, too, shortens engine life. The obvious answer is to allow it but make sure he knows what he's doing. So it takes noticeably more force to push the handles past the safe limits, but it can be done if you really want to. So if an airliner allows a command that might cause costly engine damage, I think Linux can allow a command that violates a usage convention written in a spec. With a warning, of course. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists