From: Andi K. <ak...@su...> - 2000-08-25 12:54:22
|
On Fri, Aug 25, 2000 at 01:50:56PM +0100, David Woodhouse wrote: > I don't comprehend. The flag is being set only in the struct sock > which is used by the netlink_dev. It's not being set anywhere else. Only > operations on that particular socket will bypass the capability check. > > Other users can create their own socket, which won't have the same flag > set. How can they access the socket which is being used by the netlink_dev, > without actually going through the permissions check required to open > /dev/tap$n ? Yes, I misread the code. There is no hole. -Andi |