> Date: Thu, 25 Jan 2018 19:08:16 +0100
> From: Maxime Villard <m...@m00nbsd.net>
>
> I noticed this issue a long time ago too. While it's clear that this hack was
> utter garbage, it wasn't essentially critical since the path that leads to this
> place is privileged, and basically there's everywhere the assumption that only
> the privileged NFS daemon will invoke these syscalls.

Yes. But even root shouldn't be allowed to control arbitrary kva pointers, unless we want to give up on the concept of securelevel>0 altogether.