Re: [RFC] prevention of syscalls from writable segments, breaking

Gerhard Mack (gmack@innerfire.net)
Wed, 3 Jan 2001 15:34:06 -0800 (PST)


On Thu, 4 Jan 2001, Dan Aloni wrote:

> On Wed, 3 Jan 2001, Alexander Viro wrote:
>
> > > > > without breaking anything. It also reports of such calls by using printk.
> > > > Get real.
> > >
> > > Why do you always have to be insulting alex? Sheesh.
> >
> > Sigh... Not intended to be an insult. Plain and simple advice. Idea is
> [..]
>
> Did you notice that question was ambiguous? I understood that sentence in
> its other meaning, i.e, someone insulting Alex ;-)
>
> Anyway, while it is agreed that you can't completely eliminate exploits,
> it is recommended that, it should be at least harder to create them, maybe
> it can even minimize the will to write them.
>
> --
> Dan Aloni
> dax@karrde.org
>

You are much better off working on ways to reduce the number of processes
that need to be root..

As for these protections my system emails me when a process overflows it's
buffers, But that's not a kernel function. ;)

Gerhard

--
Gerhard Mack

gmack@innerfire.net

<>< As a computer I find your faith in technology amusing.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/