> >>BUT i was woundering, to what extent adding these extra security
> >>measures are effective against the real attacks & bugs discovered in
> >>the kernel.
> >
> > They do almost nothing to guard against bugs discovered *in the kernel*,
> > because all of them are addressing *userspace* bugs.
Stuff like for example circumventing noexec flags on mounted filesystems
still is trivial even with the latest and development versions of the
linux kernel
I don't know if you could even consider it that sad.
--
Eduardo Tongson
<pornadmin.net/~tongson>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
