[RFC][PATCH] net/bpfilter: Remove this broken and apparently unmaintained

David Miller davem at davemloft.net
Thu Jun 25 19:34:37 UTC 2020


From: Greg KH <greg at kroah.com>
Date: Thu, 25 Jun 2020 14:07:25 +0200

> I really don't understand the objection here, why is this any different
> than any other random kernel driver for what it can do?

It's kernel code executing in userspace.  If you don't trust the
signed code you don't trust the signed code.

Nothing is magic about a piece of code executing in userspace.

I seriously think this discussion is trying to create an issue
that simply doesn't exist in reality.

If some kernel module executed "/bin/sh" it's the same problem.
There is no way to argue around this, so please stop doing so
it's silly.


