On 09/10, Kees Cook wrote: > > On Mon, Sep 10, 2018 at 10:21 AM, Oleg Nesterov <[email protected]> wrote: > > > Could you explain what this patch actually prevents from? Especially > > now that we have stack_guard_gap? > > One of the many Stack Clash abuses was that it was possible to jump > over the stack gap with outrageous environment variables that got > expanded in stupid ways by, IIRC, glibc or the dynamic linker. The > point here was to be defensive in the face of future weaknesses, and > try to be robust in the face of crazy execs but workable under normal > (but large) execs.
IOW, unlimited arg size makes many interesting attacks possible. This is clear, I was confused because I thought this patch fixes some particular problem not explained in the changelog. Thanks, Oleg.
