Date: Wed, 17 Dec 2008 10:56:49 -0500 (EST) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com cc: Eugene Teo <eugeneteo@...nel.sg>, "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: Re: CVE request: kernel: applicom: fix an unchecked user ioctl range On Wed, 17 Dec 2008, Marcus Meissner wrote: > I guess the accessibility very much depends on the /dev/ac* device > permissions here. For a multiport serial card I guess root/tty only. If there are any realistic situations under which /dev/ac* might have less stringent permissions, then that's good enough for inclusion - either the default configuration, a common configuration, recommended vendor practice, etc. - Steve
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.