Searched hist:274366 (Results 1 - 4 of 4) sorted by relevance
/freebsd-11.0-release/sys/dev/null/ | ||
H A D | null.c | diff 274366 Tue Nov 11 05:00:00 MST 2014 pjd Add missing privilege check when setting the dump device. Before that change it was possible for a regular user to setup the dump device if he had write access to the given device. In theory it is a security issue as user might get access to kernel's memory after provoking kernel crash, but in practise it is not recommended to give regular users direct access to storage devices. Rework the code so that we do privileges check within the set_dumper() function to avoid similar problems in the future. Discussed with: secteam |
/freebsd-11.0-release/sys/geom/ | ||
H A D | geom_dev.c | diff 274366 Tue Nov 11 05:00:00 MST 2014 pjd Add missing privilege check when setting the dump device. Before that change it was possible for a regular user to setup the dump device if he had write access to the given device. In theory it is a security issue as user might get access to kernel's memory after provoking kernel crash, but in practise it is not recommended to give regular users direct access to storage devices. Rework the code so that we do privileges check within the set_dumper() function to avoid similar problems in the future. Discussed with: secteam |
/freebsd-11.0-release/sys/kern/ | ||
H A D | kern_shutdown.c | diff 274366 Tue Nov 11 05:00:00 MST 2014 pjd Add missing privilege check when setting the dump device. Before that change it was possible for a regular user to setup the dump device if he had write access to the given device. In theory it is a security issue as user might get access to kernel's memory after provoking kernel crash, but in practise it is not recommended to give regular users direct access to storage devices. Rework the code so that we do privileges check within the set_dumper() function to avoid similar problems in the future. Discussed with: secteam |
/freebsd-11.0-release/sys/sys/ | ||
H A D | conf.h | diff 274366 Tue Nov 11 05:00:00 MST 2014 pjd Add missing privilege check when setting the dump device. Before that change it was possible for a regular user to setup the dump device if he had write access to the given device. In theory it is a security issue as user might get access to kernel's memory after provoking kernel crash, but in practise it is not recommended to give regular users direct access to storage devices. Rework the code so that we do privileges check within the set_dumper() function to avoid similar problems in the future. Discussed with: secteam |
Completed in 130 milliseconds