Penned by Justin Smith on 20091104 15:45.33, we have:
| Theo wrote:
|
| > For the record, this particular problem was resolved in OpenBSD a
| > while back, in 2008.
|
| Nice, but:
|
| "Since 2.6.23, it has been possible to prevent applications from
| mapping low pages (to prevent null pointer dereferencing in the
| kernel) via the /proc/sys/vm/mmap_min_addr sysctl, which sets the
| minimum address allowed for such mappings."
|
| 2.6.23 released: Tue, 9 Oct 2007
|
| Ref:
| http://lkml.org/lkml/2007/10/9/241
| http://james-morris.livejournal.com/26303.html
|
| --
| JS

And now we get into the fun stuff. Ever heard of 'secure by default'?

This knob is set to '0' by default. How many Linux installations actually read the above paragraph, understood what value it could have to set to something other than zero, and changed it accordingly?

'Nuff said.

--
Todd Fries .. t...@fries.net

 _____________________________________________
|                                             \  1.636.410.0632 (voice)
| Free Daemon Consulting, LLC                 \  1.405.227.9094 (voice)
| http://FreeDaemonConsulting.com             \  1.866.792.3418 (FAX)
| "..in support of free software solutions."  \  sip:freedae...@ekiga.net
|                                             \  sip:4052279...@ekiga.net
 \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

              37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A
                        http://todd.fries.net/pgp.txt
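
An added example, not part of the thread above: a shell audit that reports whether the vm.mmap_min_addr knob discussed here is non-zero both in the running kernel and in the sysctl configuration files. The function names are hypothetical, and reading the config files in the order given with the last assignment winning is a simplifying assumption.

```shell
#!/bin/sh
# Added example: audit vm.mmap_min_addr (runtime value and persistent config).
# All paths are parameters so the check can be pointed at constructed fixtures;
# the defaults are the usual Linux locations.

# classify_min_addr VALUE -> prints "disabled", "enabled" or "invalid"
classify_min_addr() {
    case "$1" in
        ''|*[!0-9]*) echo invalid ;;
        *) if [ "$1" -eq 0 ]; then echo disabled; else echo enabled; fi ;;
    esac
}

# runtime_min_addr [FILE] -> prints the value the running kernel enforces
runtime_min_addr() {
    tr -d '[:space:]' < "${1:-/proc/sys/vm/mmap_min_addr}"
}

# persistent_min_addr FILE... -> prints the last uncommented
# vm.mmap_min_addr assignment found in the given files, or nothing.
# Assumption: files are read in the order given and the last one wins.
persistent_min_addr() {
    for f in "$@"; do
        if [ -r "$f" ]; then cat "$f"; fi
    done |
    sed -n 's/^[[:space:]]*vm[./]mmap_min_addr[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' |
    tail -n 1
}

# audit_mmap_min_addr [PROC_FILE [CONF_FILE...]]
# Returns 0 only if the runtime value is non-zero and no config file
# resets it to 0 at the next boot.
audit_mmap_min_addr() {
    proc_file=${1:-/proc/sys/vm/mmap_min_addr}
    if [ $# -gt 0 ]; then shift; fi
    if [ $# -eq 0 ]; then set -- /etc/sysctl.d/*.conf /etc/sysctl.conf; fi
    run=$(runtime_min_addr "$proc_file")
    boot=$(persistent_min_addr "$@")
    echo "runtime=${run:-unreadable} persistent=${boot:-unset}"
    [ "$(classify_min_addr "$run")" = enabled ] || return 1
    [ -z "$boot" ] || [ "$(classify_min_addr "$boot")" = enabled ]
}
```

Calling audit_mmap_min_addr with no arguments checks the live system; a non-zero exit status means the knob is 0 now or will be reset to 0 by a config file.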