Age | Commit message (Collapse) | Author |
|
text data bss dec hex filename
2999 0 0 2999 bb7 networking/libiproute/iprule.o
|
|
|
|
|
|
|
|
|
|
Denis Vlasenko when building with -ffunction-sections -fdata-sections
|
|
|
|
Hello,
Last November a bug was found in iproute. CAN-2003-0856 has more information.
Basically, netlink packets can come from any user. If a program performs action
based on netlink packets, they must be examined to make sure they came from the
place they are expected (the kernel).
Attached is a patch against pre8. Please apply this before releasing 1.00 final.
All users of busy box may be vulnerable to local attacks without it.
Best Regards,
Steve Grubb
|
|
|
|
I'm building BusyBox using a development kit for MontaVista Hardhat Linux
(PPC) -- which, at least in this instance, is based around kernel 2.2.14.
I've had to massage a few files in networking/libiproute/ to make it
compile. Specifically:
(1) Added a #include <sys/uio.h> for the iovec structure in
libnetlink.c,
(2) Put ifdefs in ll_types.c and ll_proto.c around various
constants (ETH_P_xxx and ARPHRD_xxx) that weren't defined,
(3) Make do_changename() in iplink.c require a kernel >=
2.4.0 -- the ifr structure in my environment doesn't
have the ifr_name attribute. I've assumed this is
a kernel dependency -- let me know if I ought to be
checking something else.
In the absence of the correct kernel, do_changename()
always returns 0.
Attached is a patch against the current CVS that will make these changes.
-- Lars
|
|
|
|
|
|
|
|
|