[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 08 Aug 2017 12:38:58 -0400
From: Hannes Frederic Sowa <hannes@...essinduktion.org>
To: Tom Herbert <tom@...ntonium.net>
Cc: netdev@...r.kernel.org, rohit@...ntonium.net, davejwatson@...com,
john.fastabend@...il.com
Subject: Re: [PATCH v3 net-next 3/5] sock: ULP infrastructure
Tom Herbert <tom@...ntonium.net> writes:
> +#ifdef CONFIG_MODULES
> + if (!ulp && capable(CAP_NET_ADMIN)) {
> + rcu_read_unlock();
> + request_module("%s", name);
> + rcu_read_lock();
> + ulp = ulp_find(name);
> + }
> +#endif
It looks to me that this allows users with only CAP_NET_ADMIN
privileges to load every module?
Powered by blists - more mailing lists