[Coverity] Untrusted user data in kernel
James Morris
jmorris at redhat.com
Fri Dec 17 07:45:05 CET 2004
On Fri, 17 Dec 2004, Patrick McHardy wrote:
> James Morris wrote:
>
> >This at least needs CAP_NET_ADMIN.
> >
> It is already checked in do_ip6t_set_ctl(). Otherwise anyone could
> replace iptables rules :)
That's what I meant, you need the capability to do anything bad :-)
- James
--
James Morris
<jmorris at redhat.com>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
More information about the netfilter-devel
mailing list