| commit | 401ef3d54cde6967c856b8fb362a91f406750767 | |
| author | Alan Cox <alan@redhat.com> | |
| Fri, 2 Nov 2007 02:41:27 +0000 (2 03:41 +0100) | ||
| committer | Adrian Bunk <bunk@kernel.org> | |
| Fri, 2 Nov 2007 02:41:27 +0000 (2 03:41 +0100) | ||
| tree | 32e471312dce43648f063a94283c9cfb44eeff77 | treesnapshot (tar.gz zip) |
| parent | da8262844e325cc9361114c55e8507c1fee54941 | commitdiff |
aacraid: fix security hole (CVE-2007-4308)
On the SCSI layer ioctl path there is no implicit permissions check for
ioctls (and indeed other drivers implement unprivileged ioctls). aacraid
however allows all sorts of very admin only things to be done so should
check.
Signed-off-by: Alan Cox <alan@redhat.com>
Acked-by: Mark Salyzyn <mark_salyzyn@adaptec.com>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
On the SCSI layer ioctl path there is no implicit permissions check for
ioctls (and indeed other drivers implement unprivileged ioctls). aacraid
however allows all sorts of very admin only things to be done so should
check.
Signed-off-by: Alan Cox <alan@redhat.com>
Acked-by: Mark Salyzyn <mark_salyzyn@adaptec.com>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
| drivers/scsi/aacraid/linit.c | diffblobblamehistory |