Re: FreeBSD Kernel buffer overflow

[Julian Elischer]

[EMAIL PROTECTED] wrote:
This is standard proceedure.
"there is no security problem."
There is not even a practical problem..
No-one is going to be able to break into your machine because of this 
unless they
have already broken into your machine by some other method.

   

We all agree with it, i worte 3 e-mails ago.
 

There is an implicit understanding in the kernel that it trusts itrself
   

 

to be done right..
If you wan to check this  I can show you many more things we trust 
ourselves on in the kernel

for example do you check the function pointers in vfs method arrays 
before calling them?
   

This is not the same situation... why an user might change vfs method pointers?
Instead if I want to code a syscall accepting 9 arguments I can't do it...
and it could be happen!
I repeat, a check might be there...
 

If we checked everything we would never get anything done.. In the end
   

 

we draw the line at
"we check values that come from userspace." We trust values that come 
   

from root indirectly
 

e.g. when root mounts a filesystem or a kld module.
   

Ok, but a syscall of 9 arguments it's not so strange and nobody knows is
impossible to realize.
If we put your patch in but as a KASSERT then anyone ruinning with 
debugging turned on
(and no-one in their right mind would write a kernel module without 
turning on debugging, right?)
will immediatly find the problem.

 

As you have raise dth issue we might add a KASSERT checking that  it is
   

 

within bounds but
the check would not be turned on  for normal kernels just debug kernels.
   

I'm very sorry for this decision. However i will write my patch (would be
enough simple) and put it in the web to let other download, but, sincerely,
I hoped to cooperate with FreeBSD core team.
greetings,
rookie
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
 

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"