HEADS DOWN
Dag-Erling Smørgrav
des at des.no
Mon May 14 06:58:15 UTC 2007
Ivan Voras <ivoras at fer.hr> writes:
> Alfred Perlstein wrote:
> > Let's clear the issue here... FreeBSD did not have a choice in the
> > matter.
> Actually it did. The SIGABORT codepath was only executed in case the
> process is running under uid=0, in other cases it would just print out
> the warning. I think behaviour such as this is a violation of POLA as
> the behaviour is different depending on which users runs it (and if the
> allocator can clearly handle the situation for nonprivileged users, it
> can also handle it for root, but instead chose to be annoying).
So you think remote exploitable root vulnerabilities are OK?
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-arch
mailing list