Re: [RFC] prevention of syscalls from writable segments, breakingbug exploits

[Gerhard Mack]

On Thu, 4 Jan 2001, Dan Aloni wrote:

> On Wed, 3 Jan 2001, Alexander Viro wrote:
> 
> > > > > without breaking anything. It also reports of such calls by using printk.
> > > > Get real.
> > > 
> > > Why do you always have to be insulting alex? Sheesh.
> > 
> > Sigh... Not intended to be an insult. Plain and simple advice. Idea is
> [..]
> 
> Did you notice that question was ambiguous? I understood that sentence in
> its other meaning, i.e, someone insulting Alex ;-)
> 
> Anyway, while it is agreed that you can't completely eliminate exploits,
> it is recommended that, it should be at least harder to create them, maybe
> it can even minimize the will to write them.
> 
> -- 
> Dan Aloni 
> [EMAIL PROTECTED]
> 

You are much better off working on ways to reduce the number of processes
that need to be root..

As for these protections my system emails me when a process overflows it's
buffers,  But that's not a kernel function. ;) 

        Gerhard


--
Gerhard Mack

[EMAIL PROTECTED]

<>< As a computer I find your faith in technology amusing.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/