On 3 Aug 2001, David Wagner wrote: > Stephen Smalley wrote: > >So it seems desirable to pass this parameter, but we should add a note > >in security.h warning module writers that if this parameter is a > >pointer (as opposed to a simple value), then it is a user space > >pointer. FIX: Add a comment to security.h. > > Doesn't this introduce a race condition (time-of-check-to-time-of-use > vulnerability), if the module ever dereferences the user pointer? Am > I missing something? The arg parameter isn't always a pointer. In some cases, it is a simple integer value (passed by value, not by reference). In at least one such case (fcntl with F_SETFL), we have a specific example in SELinux where the module needs to know that integer value. So, yes, in the cases where the arg parameter is a pointer, I wouldn't recommend that the module use it, but I want the module to be able to use it when it is a simple value. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Aug 03 2001 - 12:08:31 PDT