On Fri, Apr 14, 2006 at 10:59:13AM -0700, Randy.Dunlap wrote:
> On Fri, 14 Apr 2006 10:47:26 -0700 Jean Tourrilhes wrote:
>
> > Hi John,
> >
> > I've just realised that the RtNetlink code does not check the
> > permission for SIOCGIWENCODE and SIOCGIWENCODEEXT, which means that
> > any user can read the encryption keys. The fix is trivial and should
> > go in 2.6.17 alonside the two other patch I sent you last week.
> > Fully tested on 2.6.17-rc1.
>
> and for -stable ??
The RtNetlink code (WE-20) was only included in 2.6.17-rc1 and
therefore is not available in 2.6.16.
Jean
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
