Re: old buffer overflow in moxa driver

From: Alan Cox
Date: Tue May 01 2007 - 05:49:15 EST

Next message: Neil Brown: "Re: nfsd/md patches Re: 2.6.22 -mm merge plans"
Previous message: Neil Brown: "Re: SCSI discover order strangeness [Bug 8412] New: CONFIG_MOUSE_PS2 makes RAID detection fail"
In reply to: dann frazier: "Re: old buffer overflow in moxa driver"
Next in thread: Jiri Slaby: "Re: old buffer overflow in moxa driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > At the point you abuse these calls you can already just load arbitary
> > data from userspace anyway.
>
> So the possible exploit will only work when run by root, is that what you
> mean? If so isn't that still a security problem?

To exploit the hole you need CAP_SYS_RAWIO which is the highest
capability of all. CAP_SYS_RAWIO gives you the ability to access hardware
directly so since it checks for CAP_SYS_RAWIO it isn't security.

The patch isn't wrong however and adds some sanity checking so it would
do no harm to send it to Andrew for -mm testing.

Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Neil Brown: "Re: nfsd/md patches Re: 2.6.22 -mm merge plans"
Previous message: Neil Brown: "Re: SCSI discover order strangeness [Bug 8412] New: CONFIG_MOUSE_PS2 makes RAID detection fail"
In reply to: dann frazier: "Re: old buffer overflow in moxa driver"
Next in thread: Jiri Slaby: "Re: old buffer overflow in moxa driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]