Re: Adding checkpointing API to Linux kernel
Steven Roberts (strobert@ata-sd.com)
Thu, 21 Jan 1999 09:02:49 -0800
Alexander Kjeldaas wrote:
>
> On Tue, Jan 19, 1999 at 02:55:47AM -0600, Michael Elizabeth Chastain wrote:
> > Hi Alexander,
> >
> > > And from time to time, security issues regarding ioctls that are not
> > > checking for privileges when they should are found. A central
> > > ioctl-directory is a good place to have privilege information too.
> >
> > This is much less frequent in 2.1 with the current uaccess.h
> > implementations of copy_from_user, copy_to_user, get_user, put_user.
> > At least on i386, these facilities cannot stomp on kernel memory no
> > matter *what* values the user specifies.
> >
>
> This isn't the problem. The problem is ioctl calls which should have
> an capable(SOMETHING) check, but don't. Errors like that are probably
> easier to spot if they are specified centrally.
>
> astor
speaking of ioctl's, are there any good spots to find documentaion of
all
of the ioctl's. sometimes I have found them in the driver src, somtimes
man
pages, sometimes doc directory in the general tree, etc...
Just wondering if there is any available documentation about them in a
standard location.
Steve
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/