[openib-general] Re: CM patch for 2.6.17 merge
Roland Dreier
rdreier at cisco.com
Tue Apr 4 14:43:43 PDT 2006
Roland> Not sure I understand this. What's the exploit?
Michael> Connecting from userspace to an SDP socket. People expect
Michael> sockets to be kernel-level.
Without SDP upstream I don't see the security issue. Even with SDP
upstream it's dubious: everything coming in from the network should be
untrusted. I don't see how you can prevent userspace from sending CM
messages on an arbitrary UD QP.
- R.
More information about the general
mailing list