[Coverity] Untrusted user data in kernel

James Morris jmorris at redhat.com
Fri Dec 17 16:38:46 CET 2004


On Fri, 17 Dec 2004, Pavel Machek wrote:

> Hi!
> 
> > This at least needs CAP_NET_ADMIN.
> 
> Hmm, but that means that CAP_NET_ADMIN implies all other capabilities,
> unless you fix this.

I'm not saying it doesn't need to be fixed, but that it is not exploitable 
by unprivileged users.


- James
-- 
James Morris
<jmorris at redhat.com>





More information about the netfilter-devel mailing list