On Fri, 31 Aug 2001, Wayne Salamon wrote:

> In the case of this hook, 'data' is either a value (5, 10, 35, etc.), or
> a pointer to user-space memory where values are written. If somebody is
> writing a security module, they better know what the parameters mean. The
> question is, would an LSM module ever have to write into the user data
> space? Well, based on the placement of the hook call, no, because the
> kernel will write the data after the hook is called.
>
> I don't see a race condition either, because the data read is by value.
> What types of dangerous conditions do you think this hook creates?

I can't identify a convincing race condition in this case, either,
although I admit I'm not a "genius" in that regard... still thinking in
terms of one-processor/one-task-at-a-time. Could somebody point out a
specific example of where it might be a problem?

> Wayne Salamon
> wsalamonat_private

J. Melvin Jones

|>------------------------------------------------------
|| J. MELVIN JONES            jmjonesat_private
|>------------------------------------------------------
|| Microcomputer Systems Consultant
|| Software Developer
|| Web Site Design, Hosting, and Administration
|| Network and Systems Administration
|>------------------------------------------------------
|| http://www.jmjones.com/
|>------------------------------------------------------