Re: Problems with some of the current hooks

• Previous message: Stephen Smalley: "Re: Problems with some of the current hooks"
• In reply to: David Wagner: "Re: Problems with some of the current hooks"
• Next in thread: Greg KH: "Re: Problems with some of the current hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 3 Aug 2001, David Wagner wrote:

> I propose to change this warning to be a bit more clear about what
> care should be taken.  For example: When the arg parameter represents
> a user space pointer, it should never be used.  (Calling copy_from_user()
> on it is definitely right out, as it creates a TOCTTOU vulnerability.)

Sure, this is an easy change.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private





_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Stephen Smalley: "Re: NFSv4"
• Previous message: Stephen Smalley: "Re: Problems with some of the current hooks"
• In reply to: David Wagner: "Re: Problems with some of the current hooks"
• Next in thread: Greg KH: "Re: Problems with some of the current hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 06:48:28 PDT