Re: Problems with some of the current hooks

• Previous message: Greg KH: "Re: Problems with some of the current hooks"
• In reply to: Stephen Smalley: "Re: Problems with some of the current hooks"
• Next in thread: Stephen Smalley: "Re: Problems with some of the current hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Stephen Smalley  wrote:
>On 3 Aug 2001, David Wagner wrote:
>> Stephen Smalley  wrote:
>> >So it seems desirable to pass this parameter, but we should add a note
>> >in security.h warning module writers that if this parameter is a
>> >pointer (as opposed to a simple value), then it is a user space
>> >pointer.  FIX:  Add a comment to security.h.
>> 
>> Doesn't this introduce a race condition [...]?
>
>The arg parameter isn't always a pointer.

Oh!  So your FIX was to add a comment to security.h saying "you'd
better ignore this parameter unless it is an integer (calling
copy_to_user() on it will create a security hole)", right?  That
sounds good.  Sorry that I mis-interpreted your suggestion.

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Greg KH: "Re: Problems with some of the current hooks"
• Previous message: Greg KH: "Re: Problems with some of the current hooks"
• In reply to: Stephen Smalley: "Re: Problems with some of the current hooks"
• Next in thread: Stephen Smalley: "Re: Problems with some of the current hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 03 2001 - 14:19:32 PDT