Herbert Xu wrote:
> On Tue, Sep 26, 2006 at 02:19:32PM +0200, Michael Kerrisk wrote:
> >
> > > The man page netlink(7) refers to nlmsg_pid and nl_pid as process IDs.
> > > This is completely incorrect. Treating them as process IDs can lead
> > > to security holes. So please ask upstream to correct this as soon as
> > > possible.
> >
> > Can you provide a patch with the sort of wording you think is correct?
>
> The point is that these fields are simply opaque values that identify
> a specific netlink socket. So please refer to them as the netlink
> socket address.
The kernel header of 2.6.20 says in include/linux/netlink.h
/* Sending process PID */
If it should be changed in the corresponding manpage, I guess that it should
be changed in the kernel as well (if not first).
Apart from that, the manpage netlink(7) contains the following note:
nlmsg_seq and nlmsg_pid are used to track messages. nlmsg_pid shows
the origin of the message. Note that there isn't a 1:1 relationship
between nlmsg_pid and the PID of the process if the message originated
from a netlink socket. See the ADDRESS FORMATS section for further
information.
which explains that's nlmsg_pid is not exactly a process ID.
Could you propose an improved text instead.
Regards,
Joey
--
Given enough thrust pigs will fly, but it's not necessarily a good idea.
Please always Cc to me when replying to me on the lists.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
