| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Nov 2012 06:32:21 -0800 From: ebiederm@...ssion.com (Eric W. Biederman) To: Glauber Costa <glommer@...allels.com> Cc: David Miller <davem@...emloft.net>, <netdev@...r.kernel.org>, Linux Containers <containers@...ts.linux-foundation.org> Subject: Re: [PATCH net-next 09/17] net: Allow userns root control of the core of the network stack. Glauber Costa <glommer@...allels.com> writes: > On 11/16/2012 05:03 PM, Eric W. Biederman wrote: >> + if (!capable(CAP_NET_ADMIN)) >> + return -EPERM; >> + >> return netdev_store(dev, attr, buf, len, change_tx_queue_len); > > You mean ns_capable here? No. There I meant capable. I deliberately call capable here because I don't understand what the tx_queue_len well enough to be certain it is safe to relax that check to be just ns_capable. My get feel is that allowing an unprivileged user to be able to arbitrarily change the tx_queue_len on a networking device would be a nice way to allow queuing as many network packets as you would like with kernel memory and DOSing the machine. So since with a quick read of the code I could not convince myself it was safe to allow unprivilged users to change tx_queue_len I left it protected by capable. While at the same time I relaxed the check in netdev_store to be ns_capable. Eric -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists