Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 14 Oct 2008 14:51:16 -0400 (EDT)
From: "Steven M. Christey" <>
Subject: Re: CVE request: kernel: don't allow splice() to
 files opened with O_APPEND

On Mon, 13 Oct 2008, Eugene Teo wrote:

> "[PATCH] Don't allow splice() to files opened with O_APPEND
> But Miklos convinced me that we should at least give it some thought,
> and that accepting writes at arbitrary offsets is wrong at least for
> IS_APPEND() files (which always have O_APPEND set, even if the reverse
> isn't true: you can obviously have O_APPEND set on a regular file).

Use CVE-2008-4554, to be filled in later.

- Steve

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.