I would strongly encourage driver writers who use __put_user()
to write comments justifying the use of __put_user() and where/how
access_ok() is called. There are still several drivers (as of 2.2.1)
that call __put_user() without protection, and more drivers where
it takes a non-trivial amount of time to determine that they are
actually safe, with little performance benefit. Since an unprotected
__put_user() can be a direct security hole, it is quite important.
dave...
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/