Re: [Coverity] Untrusted user data in kernel

From: Oliver Neukum
Date: Fri Dec 17 2004 - 11:39:29 EST

Next message: Pavel Machek: "Re: [linux-pm] Re: Cleanup PCI power states"
Previous message: Rajat Jain, Noida: "RE: zero copy issue while receiving the data (counter part of sendfil e)"
In reply to: linux-os: "Re: [Coverity] Untrusted user data in kernel"
Next in thread: Bill Davidsen: "Re: [Coverity] Untrusted user data in kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > Are you saying that processes with capability don't make mistakes? This isn't
> > a bug related to untrusted users doing privileged operations, it's a case of
> > using unchecked user data.
> >
>
> But isn't there always the possibility of "unchecked user data"?
> I can, as root, do `cp /dev/zero /dev/mem` and have the most
> spectacular crask you've evet seen. I can even make my file-
> systems unrecoverable.

Only if you have the capability for raw hardware access.
The same is true for the firmware interface. What other subsystems might
be dangerous?

Regards
Oliver
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pavel Machek: "Re: [linux-pm] Re: Cleanup PCI power states"
Previous message: Rajat Jain, Noida: "RE: zero copy issue while receiving the data (counter part of sendfil e)"
In reply to: linux-os: "Re: [Coverity] Untrusted user data in kernel"
Next in thread: Bill Davidsen: "Re: [Coverity] Untrusted user data in kernel"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]