patacongo commented on issue #1359: URL: https://github.com/apache/incubator-nuttx/issues/1359#issuecomment-653672158
> > > Ah, it is indeed. My apologies. I did not review the existing list of issues before filing this one. Yes, it is the same root issues: This PR specifically addresses ioctls and the other only specifies read(), but I think it generalizes into any system call that receives a write-able pointer. There are several other Issues related to the PROTECTED mode that I have opened. You can see that they are all tagged with the Security label. I have also taken some effort to obfuscate the stack content on some call backs from the OS -- signal handlers, atexit(), on_exit(), pthread_cleanup functions, pthread-specific data destructors, etc. That that is incomplete and insufficient and also deserves to have a new Issue opened. Unlike Linux, there are not separate stacks for user logic and system functions so callbacks from the OS expose the entire stack and since it is user-writable is also a glaring security hole. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
