On Thu, 28 Sep 2006 16:23:46 -0400 Jeff Garzik <[EMAIL PROTECTED]> wrote:
> Stephen Hemminger wrote: > > There is no reason to not allow non-admin users to query network > > statistics and settings. > > NAK. > > Some functions in the past didn't like getting hit rapidly in succession. > > I would agree to this, but only after an exhaustive audit of each driver > and each sub-ioctl. Right now, I only have confidence in GDRVINFO > probably being safe -- but still that requires an audit, since in rare > cases the driver may be poking firmware and eeprom areas. > > Finally, I fixed a buffer overflow in ethtool version 5, so an audit to > make sure overflows cannot affect the kernel is basically _required_. > > Jeff The first step should be conservative, so why not allow GDRVINFO, and the various offload setting GTSO, GxSUM, ... Agreed, that PHY stuff, register area, WOL, are bad. The statistics stuff also might be a problem for some chips. -- Stephen Hemminger <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
