lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 09 Apr 2020 10:13:55 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     liuhangbin@...il.com
Cc:     netdev@...r.kernel.org, daniel@...earbox.net,
        yoshfuji@...ux-ipv6.org
Subject: Re: [PATCH net] net/ipv6: allow token to be set when accept_ra
 disabled

From: Hangbin Liu <liuhangbin@...il.com>
Date: Thu,  9 Apr 2020 14:56:04 +0800

> The token setting should not depend on whether accept_ra is enabled or
> disabled. The user could set the token at any time. Enable or disable
> accept_ra only affects when the token address take effective.
> 
> On the other hand, we didn't remove the token setting when disable
> accept_ra. So let's just remove the accept_ra checking when user want
> to set token address.
> 
> Fixes: f53adae4eae5 ("net: ipv6: add tokenized interface identifier support")
> Signed-off-by: Hangbin Liu <liuhangbin@...il.com>

It is dangerous to change this, because now people can write bootup
and configuration scripts that will work with newer kernels yet fail
unexpectedly in older kernels.

I think requiring that RA be enabled in order to set the token is
an absolutely reasonable requirement.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ