[Coverity] Untrusted user data in kernel

James Morris jmorris at redhat.com
Fri Dec 17 16:38:46 CET 2004

On Fri, 17 Dec 2004, Pavel Machek wrote:

> Hi!
> > This at least needs CAP_NET_ADMIN.
> Hmm, but that means that CAP_NET_ADMIN implies all other capabilities,
> unless you fix this.

I'm not saying it doesn't need to be fixed, but that it is not exploitable 
by unprivileged users.

- James
James Morris
<jmorris at redhat.com>

More information about the netfilter-devel mailing list