Re: [Coverity] Untrusted user data in kernel
From: Tomas Carnecky
Date: Fri Dec 17 2004 - 14:15:13 EST
linux-os wrote:
On Fri, 17 Dec 2004, Bill Davidsen wrote:
James Morris wrote:
On Fri, 17 Dec 2004, Patrick McHardy wrote:
That's what I meant, you need the capability to do anything bad :-)
Are you saying that processes with capability don't make mistakes?
This isn't a bug related to untrusted users doing privileged
operations, it's a case of using unchecked user data.
But isn't there always the possibility of "unchecked user data"?
I can, as root, do `cp /dev/zero /dev/mem` and have the most
spectacular crash you've ever seen. I can even make my file-systems
unrecoverable.
But the difference between your example (cp /dev/zero /dev/mem) and
passing unchecked data to the kernel is... you _can_ check the data and
do something about it if you discover that the data is not valid/within
a range/whatever even if the user has full permissions.
No sane person would do a 'cp /dev/zero /dev/mem', but passing bad data
is more likely to happen, badly written userspace configuration tools etc.
tom
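
Added example, not part of the original message and not kernel code: a userspace C sketch of the point argued above, that a passed capability check does not make the request data valid. The names `cfg_req`, `cfg_write`, `try_write` and `TABLE_SIZE` are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TABLE_SIZE 64u            /* hypothetical size of the kernel-side table */

/* Hypothetical request handed in by a privileged configuration tool. */
struct cfg_req {
    uint32_t offset;              /* where in the table to write */
    uint32_t len;                 /* how many bytes to write */
    const uint8_t *data;          /* caller-supplied bytes */
};

static uint8_t table[TABLE_SIZE];

/*
 * Stand-in for a privileged entry point. 'capable' models the outcome of a
 * capability check: it says who is asking, not that the request is well
 * formed, so every field is still validated before it is used.
 */
int cfg_write(int capable, const struct cfg_req *req)
{
    if (!capable)
        return -EPERM;
    if (req == NULL || req->data == NULL)
        return -EINVAL;
    if (req->len == 0 || req->len > TABLE_SIZE)
        return -EINVAL;
    /* Compare by subtraction so that offset + len can never wrap around. */
    if (req->offset > TABLE_SIZE - req->len)
        return -EINVAL;

    memcpy(table + req->offset, req->data, req->len);
    return 0;
}

/* Builds a constructed request backed by a fixed source buffer. */
int try_write(int capable, uint32_t offset, uint32_t len)
{
    static const uint8_t src[TABLE_SIZE] = { 0xAA };
    struct cfg_req req = { offset, len, src };
    return cfg_write(capable, &req);
}

int main(void)
{
    /* A capable caller with a wrapping offset must still be refused. */
    return (try_write(1, 8, 16) == 0 &&
            try_write(1, UINT32_MAX - 3, 8) == -EINVAL) ? 0 : 1;
}
```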