On 18 Sep, Matt Emmerton wrote:
>
> ----- Original Message -----
> From: "Mike Meyer" <[EMAIL PROTECTED]>
> To: "Matt Emmerton" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>; "Avleen Vig"
> <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
> <[EMAIL PROTECTED]>
> Sent: Saturday, September 18, 2004 1:22 AM
> Subject: Re: FreeBSD Kernel buffer overflow
>
>
>> In <[EMAIL PROTECTED]>, Matt Emmerton
> <[EMAIL PROTECTED]> typed:
>> > I disagree. It really comes down to how secure you want FreeBSD to be,
> and
>> > the attitude of "we don't need to protect against this case because
> anyone
>> > who does this is asking for trouble anyway" is one of the main reason
> why
>> > security holes exist in products today. (Someone else had brought this
> up
>> > much earlier on in the thread.)
>>
>> You haven't been paying close enough attention to the discussion. To
>> exploit this "security problem" you have to be root. If it's an
>> external attacker, you're already owned.
>
> I'm well aware of that fact. That's still not a reason to protect against
> the problem.
>
> If your leaky bucket has 10 holes in it, would you at least try and plug
> some of them?
If an attacker is allowed to install arbitrary syscalls, he might as
well install one that is easier to exploit.
struct write2kernel_args {
void *ubuf;
void *kbuf;
size_t nbyte;
};
void
write2kernel(td, uap)
struct thread *td;
struct write2kernel_args *uap;
{
copyin(uap->ubuf, uap->kbuf, nbyte);
}
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
