NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kern/37986: any user can hog the all cpu with _sched_setparam.



> >Environment:
> >Description:
>       any user can hog the all cpu with _sched_setparam.
> >How-To-Repeat:
>       
> >Fix:
>       - pass neccessary info to kauth_authorize_foo.

What is not passed?

>       - add appropriate checks in secmodel/.

Originally, sched_setparam was superuser-only call. It looks like Elad has
changed this behaviour in the 1.46 revision of secmodel_bsd44_suser.c .

-- 
Best regards,
Mindaugas
www.NetBSD.org



Home | Main Index | Thread Index | Old Index