[Coverity] Untrusted user data in kernel

David S. Miller davem at davemloft.net
Fri Dec 17 20:30:06 CET 2004


On Fri, 17 Dec 2004 20:34:55 +0100
Tomas Carnecky <tom at dbservice.com> wrote:

>  > It is already checked in do_ip6t_set_ctl(). Otherwise anyone could
>  > replace iptables rules :)
> For me it seems that only CAP_NET_ADMIN is checked and not the data.

If that's the case then I agree with you Tomas.



More information about the netfilter-devel mailing list