| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 29 Aug 2016 10:53:25 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: "Andrey Jr. Melnikov" <temnota.am@...il.com>
Cc: Stephen Hemminger <shemminger@...l.org>, netdev@...r.kernel.org
Subject: Re: [PATCH] iproute: disallow ip rule del without parameters
On Wed, 24 Aug 2016 23:43:00 +0300
"Andrey Jr. Melnikov" <temnota.am@...il.com> wrote:
> Disallow run `ip rule del` without any parameter to avoid delete any first
> rule from table.
>
> Signed-off-by: Andrey Jr. Melnikov <temnota.am@...il.com>
> ---
>
> diff --git a/ip/iprule.c b/ip/iprule.c
> index 8f24206..70562c5 100644
> --- a/ip/iprule.c
> +++ b/ip/iprule.c
> @@ -346,6 +346,11 @@ static int iprule_modify(int cmd, int argc, char **argv)
> req.r.rtm_type = RTN_UNICAST;
> }
>
> + if (cmd == RTM_DELRULE && argc == 0) {
> + fprintf(stderr, "\"ip rule del\" requires arguments.\n");
> + return -1;
> + }
> +
> while (argc > 0) {
> if (strcmp(*argv, "not") == 0) {
> req.r.rtm_flags |= FIB_RULE_INVERT;
Actually ip rule delete without arguments deletes all rules.
Which could be a bug or feature depending on the user.
I can imagine somebody is doing something like deleting all rules
and putting in new ones for PBR.
Powered by blists - more mailing lists