On Thu, 2 May 2013, Franco Fichtner wrote:

> Moving implementations to user space does not necessarily make them
> better or less of a problem.

The big difference is that its possible to sandbox a userspace
implementation so that small integer overflow bugs or length checking
failures don't become arbitrary kmem reads or, worse, RCE.

-d

Reply via email to