Re: [RFC] bridge: STP timer management range checking

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Alan Cox

Subject: Re: [RFC] bridge: STP timer management range checking

Date: Monday, September 1, 2008 - 1:38 am

> > Seems bogus extra code to me - stops things working that should be
quoted text> > allowed too.
> >   
> The timer configuration is propagated in network protocol, so 
> misconfigured Linux box
> could survive but effect other devices on the network that are less 
> robust. Maybe the

That would be irrelevant. CAP_NET_ADMIN lets you make that size mess
anyway.

quoted text> small values would cause some other bridge to crash, go infinite loop, ...
> More likely robust devices might ignore our packets (because values out 
> of range), leading to
> routing loops and other disasters.

Spamming tree isn't secure, news at 11.

quoted text> The kernel does need to stop administrative settings from taking out a 
> network. 

If you have CAP_NET_ADMIN you can trivially take out the network unless
it is properly switched.

Now you might want your pretty little GUI and/or config tools to warn
people that their configuration is outside 802 specs but that is a
different matter altogether

Alan
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: ksoftirqd high cpu load on kernels 2.6.24 to 2.6.27-rc ..., Dushan Tcholich, (Fri Aug 29, 6:48 pm)

Re: ksoftirqd high cpu load on kernels 2.6.24 to 2.6.27-rc ..., Dushan Tcholich, (Sun Aug 31, 1:51 am)

Re: ksoftirqd high cpu load on kernels 2.6.24 to 2.6.27-rc ..., Stephen Hemminger, (Sun Aug 31, 10:05 am)

[RFC] bridge: STP timer management range checking, Stephen Hemminger, (Sun Aug 31, 10:43 am)

Re: ksoftirqd high cpu load on kernels 2.6.24 to 2.6.27-rc ..., Dushan Tcholich, (Sun Aug 31, 12:14 pm)

Re: [RFC] bridge: STP timer management range checking, Alan Cox, (Sun Aug 31, 3:02 pm)

Re: [RFC] bridge: STP timer management range checking, Stephen Hemminger, (Sun Aug 31, 4:29 pm)

Re: [RFC] bridge: STP timer management range checking, Valdis.Kletnieks, (Sun Aug 31, 7:25 pm)

Re: [RFC] bridge: STP timer management range checking, Alan Cox, (Mon Sep 1, 1:38 am)

Re: [RFC] bridge: STP timer management range checking, Rick Jones, (Tue Sep 2, 9:40 am)

Re: [RFC] bridge: STP timer management range checking, David Miller, (Tue Sep 2, 4:41 pm)

Re: [RFC] bridge: STP timer management range checking, Rick Jones, (Tue Sep 2, 5:00 pm)

Re: [RFC] bridge: STP timer management range checking, David Miller, (Tue Sep 2, 5:28 pm)

[PATCH] bridge: don't allow setting hello time to zero, Stephen Hemminger, (Thu Sep 4, 3:47 pm)

Re: [PATCH] bridge: don't allow setting hello time to zero, David Miller, (Mon Sep 8, 1:46 pm)

Re: [PATCH] bridge: don't allow setting hello time to zero, Dushan Tcholich, (Mon Sep 8, 2:35 pm)

Re: [PATCH] bridge: don't allow setting hello time to zero, Stephen Hemminger, (Mon Sep 8, 3:33 pm)


linux-kernel:
Michael Trimarchi	Re: [PATCH] VFS: make file->f_pos access atomic on 32bit arch
Miklos Szeredi	[patch 14/15] vfs: more path_permission() conversions
Serge E. Hallyn	Re: [RFC v5][PATCH 7/8] Infrastructure for shared objects
Bernd Schmidt	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Takashi Iwai	[PATCH 2/2] input: Add LED support to Synaptics device
git:
Junio C Hamano	Re: mingw, windows, crlf/lf, and git
Eyvind Bernhardsen	Re: Where has "git ls-remote" reference pattern matching gone?
Shawn O. Pearce	Re: Switching from CVS to GIT
Todd Zullinger	Re: [PATCH 2/2] send-email: rfc2047-quote subject lines with non-ascii characters
Santi Béjar	Re: How to use git-fmt-merge-msg?
linux-netdev:
Ramkrishna Vepa	[net-2.6 PATCH 1/10] Neterion: New driver: Driver help file
Mark Anthony	invitation / inquiry
Ingo Molnar	Re: [PATCH 08/16] dma-debug: add core checking functions
David Miller	Re: [PATCH 1/3] f_phonet: dev_kfree_skb instead of dev_kfree_skb_any in TX callback
Sascha Hauer	[PATCH 03/12] fec: do not typedef struct types
git-commits-head:
Linux Kernel Mailing List	amba: struct device - replace bus_id with dev_name(), dev_set_name()
Linux Kernel Mailing List	MIPS: Yosemite: Convert SMP startup lock to arch spinlock.
Linux Kernel Mailing List	ARM: S5PC100: IRQ and timer
Linux Kernel Mailing List	davinci: edma: clear interrupt status for interrupt enabled channels only
Linux Kernel Mailing List	x86, mm, kprobes: fault.c, simplify notify_page_fault()
openbsd-misc:
Daniel A. Ramaley	Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?
Matthias Kilian	Re: can't get vesa @ 1280x800 or nv
Tobias Ulmer	Re: Problem after upgrade 4.5 to 4.6: ERR M
Philip Guenther	Re: SIGCHLD and libpthread.so
J.C. Roberts	Re: [semi-OT] Can anyone recommend an OpenBSD-compatible colour laser printer?