| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 03 Jun 2009 12:36:25 -0400 From: Rik van Riel <riel@...hat.com> To: "Larry H." <research@...reption.com> CC: Christoph Lameter <cl@...ux-foundation.org>, Stephen Smalley <sds@...ho.nsa.gov>, Linus Torvalds <torvalds@...ux-foundation.org>, linux-mm@...ck.org, Alan Cox <alan@...rguk.ukuu.org.uk>, linux-kernel@...r.kernel.org, pageexec@...email.hu Subject: Re: Security fix for remapping of page 0 (was [PATCH] Change ZERO_SIZE_PTR to point at unmapped space) Larry H. wrote: > Christopher, crippling the system is truly not the way to fix this. > There are many legitimate users of private|fixed mappings at 0. In > addition, if you want to go ahead and break POSIX, at least make sure > your patch closes the loophole. I suspect there aren't many at all, and restricting them through SELinux may be enough to mitigate the risk. > If SELinux isn't present, that's not useful. If mmap_min_addr is > enabled, that still won't solve what my original, utterly simple patch > fixes. Would anybody paranoid run their system without SELinux? > The patch provides a no-impact, clean solution to prevent kmalloc(0) > situations from becoming a security hazard. Nothing else. True, the changes in your patch only affect a few code paths. -- All rights reversed. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists