From: Jeff Garzik <[EMAIL PROTECTED]>
Date: Thu, 28 Sep 2006 18:25:26 -0400
> GWOL now spits out a password for all users -> security risk. Ditto
> GEEPROM. GSET has been known to cause hangs if done in a tight loop, on
> some 10/100 cards, which is now permitted by any user. At the very
> least, it should be rate-limited.
>
> I wasn't just being obstinate, when requesting an audit.
Ok, I've removed GSET, GWOL and GSTATS (GEEPROM was not in the
original list in Stephen's patch). In fact I'll remove
GLINK too as that might touch the hardware as well.
That leaves us with:
case ETHTOOL_GDRVINFO:
case ETHTOOL_GMSGLVL:
case ETHTOOL_GCOALESCE:
case ETHTOOL_GRINGPARAM:
case ETHTOOL_GPAUSEPARAM:
case ETHTOOL_GRXCSUM:
case ETHTOOL_GTXCSUM:
case ETHTOOL_GSG:
case ETHTOOL_GSTRINGS:
case ETHTOOL_GTSO:
case ETHTOOL_GPERMADDR:
case ETHTOOL_GUFO:
case ETHTOOL_GGSO:
Which should be ok.
And once again, take even this list with a grain of salt, we
have until 2.6.19-final to sort this out and audit things.
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
