Re: Problems with some of the current hooks

From: David Wagner (dawat_private)
Date: Fri Aug 03 2001 - 13:27:50 PDT

  • Next message: Greg KH: "Re: Problems with some of the current hooks"

    Stephen Smalley  wrote:
    >On 3 Aug 2001, David Wagner wrote:
    >> Stephen Smalley  wrote:
    >> >So it seems desirable to pass this parameter, but we should add a note
    >> >in security.h warning module writers that if this parameter is a
    >> >pointer (as opposed to a simple value), then it is a user space
    >> >pointer.  FIX:  Add a comment to security.h.
    >> Doesn't this introduce a race condition [...]?
    >The arg parameter isn't always a pointer.
    Oh!  So your FIX was to add a comment to security.h saying "you'd
    better ignore this parameter unless it is an integer (calling
    copy_to_user() on it will create a security hole)", right?  That
    sounds good.  Sorry that I mis-interpreted your suggestion.
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Fri Aug 03 2001 - 14:19:32 PDT