* James Morris ([EMAIL PROTECTED]) wrote:
cc'd Chris Wright, as this patch seems like a candidate for the stable
tree.
Would be, but I thought secmark went in post 2.6.17. And I expect Dave
will push this well before 2.6.18.
thanks,
-chris
-
To unsubscribe from this list: send the line
From: James Morris [EMAIL PROTECTED]
Date: Fri, 28 Jul 2006 17:00:15 -0400 (EDT)
The patch below fixes a problem in the iptables SECMARK target, where the
user-supplied 'selctx' string may not be nul-terminated.
Applied, thanks James.
-
To unsubscribe from this list: send the line unsubscribe
The patch below fixes a problem in the iptables SECMARK target, where the
user-supplied 'selctx' string may not be nul-terminated.
From initial analysis, it seems that the strlen() called from
selinux_string_to_sid() could run until it arbitrarily finds a zero, and
possibly cause a kernel oops
James Morris wrote:
The patch below fixes a problem in the iptables SECMARK target, where the
user-supplied 'selctx' string may not be nul-terminated.
From initial analysis, it seems that the strlen() called from
selinux_string_to_sid() could run until it arbitrarily finds a zero, and