Re: [PATCH 0/8] SECURITY ISSUE with connector

[PATCH 0/8] SECURITY ISSUE with connector · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
[PATCH 1/8] connector: Keep the skb in cn_callback_data · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
[PATCH 2/8] connector: Provide the sender's credentials to the callback · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
[PATCH 3/8] connector/dm: Fixed a compilation warning · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
[PATCH 4/8] connector: Removed the destruct_data callback since it is always kfree_skb() · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
[PATCH 5/8] dm/connector: Only process connector packages from privileged processes · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
[PATCH 6/8] dst/connector: Disallow unpliviged users to configure dst · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
[PATCH 7/8] pohmelfs/connector: Disallow unpliviged users to configure pohmelfs · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
[PATCH 8/8] uvesafb/connector: Disallow unpliviged users to send netlink packets · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
Re: [PATCH 5/8] dm/connector: Only process connector packages from privileged processes · Jonathan Brassow <hidden> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · Greg KH <hidden> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · Philipp Reisner <philipp.reisner@linbit.com> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · Greg KH <hidden> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · David Miller <davem@davemloft.net> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · Lars Ellenberg <lars.ellenberg@linbit.com> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · David Miller <davem@davemloft.net> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · Greg KH <hidden> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · David Miller <davem@davemloft.net> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · Greg KH <hidden> · 2009-10-02
Re: [PATCH 0/8] SECURITY ISSUE with connector · Evgeniy Polyakov <hidden> · 2009-10-04
Re: [PATCH 0/8] SECURITY ISSUE with connector · Greg KH <hidden> · 2009-10-09

From: David Miller <davem@davemloft.net>
Date: 2009-10-02 17:56:41
Also in: dm-devel, linux-fbdev, lkml

From: Philipp Reisner <philipp.reisner@linbit.com>
Date: Fri,  2 Oct 2009 14:40:03 +0200

Affected: All code that uses connector, in kernel and out of mainline

The connector, as it is today, does not allow the in kernel receiving
parts to do any checks on privileges of a message's sender.

I know, there are not many out there that like connector, but as
long as it is in the kernel, we have to fix the security issues it has!

Please either drop connector, or someone who feels a bit responsible
and has our beloved dictator's blessing, PLEASE PLEASE PLEASE take 
this into your tree, and send the pull request to Linus.

Patches 1 to 4 are already Acked-by Evgeny, the connector's maintainer.
Patches 5 to 7 are the obvious fixes to the connector user's code.

For convenience these patches are also available as git tree:
git://git.drbd.org/linux-2.6-drbd.git connector-fix

All applied to net-2.6, I'll push this out to Linus later
today.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help