[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kern/37986: any user can hog the all cpu with _sched_setparam.
The following reply was made to PR kern/37986; it has been noted by GNATS.
From: "Mindaugas R." <rmind%NetBSD.org@localhost>
To: Elad Efrat <elad%NetBSD.org@localhost>
Cc: yamt%mwd.biglobe.ne.jp@localhost, gnats-bugs%NetBSD.org@localhost,
Subject: Re: kern/37986: any user can hog the all cpu with _sched_setparam.
Date: Sun, 10 Feb 2008 13:36:39 +0000
Elad Efrat <elad%NetBSD.org@localhost> wrote:
> Mindaugas R. wrote:
> >>> Environment:
> >>> Description:
> >> any user can hog the all cpu with _sched_setparam.
> >>> How-To-Repeat:
> >>> Fix:
> >> - pass neccessary info to kauth_authorize_foo.
> > What is not passed?
> >> - add appropriate checks in secmodel/.
> > Originally, sched_setparam was superuser-only call. It looks like Elad has
> > changed this behaviour in the 1.46 revision of secmodel_bsd44_suser.c .
> Look at the compat code.
If compat code is wrong, we should not make native calls wrong too.
> I'm working on this.
Main Index |
Thread Index |