Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 14 Oct 2008 14:51:16 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: kernel: don't allow splice() to
 files opened with O_APPEND


On Mon, 13 Oct 2008, Eugene Teo wrote:

> "[PATCH] Don't allow splice() to files opened with O_APPEND
>
> But Miklos convinced me that we should at least give it some thought,
> and that accepting writes at arbitrary offsets is wrong at least for
> IS_APPEND() files (which always have O_APPEND set, even if the reverse
> isn't true: you can obviously have O_APPEND set on a regular file).

Use CVE-2008-4554, to be filled in later.

- Steve

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.