| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080905090559.7cbc74f3@infradead.org> Date: Fri, 5 Sep 2008 09:05:59 -0700 From: Arjan van de Ven <arjan@...radead.org> To: pageexec@...email.hu Cc: Andi Kleen <andi@...stfloor.org>, linux-kernel@...r.kernel.org, mingo@...e.hu, tglx@...x.de, hpa@...or.org, Benjamin Herrenschmidt <benh@...nel.crashing.org> Subject: Re: [patch] Add basic sanity checks to the syscall execution patch On Fri, 05 Sep 2008 11:43:31 +0200 pageexec@...email.hu wrote: > consider how your whole patch is based on one big self-contradiction. > you already assume that the attacker *can* modify arbitrary kernel > memory (even the otherwise *read-only* syscall table at that), but at > the very same time you're saying he *can't* use the same powers to > patch out your 'protection' or do many other things to evade it. as > it is, it's cargo cult security at its best, reminding one on the > Vista kernel's similar 'protection' mechanism for the service > descriptor tables... so I'm not going to say that the patch is important or good; it's the result of ben mentioning the idea on irc and me thinking "sure lets see what it would take and cost". Nothing more than that -- If you want to reach me at my work email, use arjan@...ux.intel.com For development, discussion and tips for power savings, visit http://www.lesswatts.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists