FreeBSD Kernel buffer overflow
Julian Elischer
julian at elischer.org
Thu Sep 16 17:40:34 PDT 2004
gerarra at tin.it wrote:
>>This is standard proceedure.
>>
>>"there is no security problem."
>>There is not even a practical problem..
>>
>>No-one is going to be able to break into your machine because of this
>>unless they
>>have already broken into your machine by some other method.
>>
>>
>>
>
>We all agree with it, i worte 3 e-mails ago.
>
>
>
>>There is an implicit understanding in the kernel that it trusts itrself
>>
>>
>
>
>
>>to be done right..
>>If you wan to check this I can show you many more things we trust
>>ourselves on in the kernel
>>
>>for example do you check the function pointers in vfs method arrays
>>before calling them?
>>
>>
>
>This is not the same situation... why an user might change vfs method pointers?
>Instead if I want to code a syscall accepting 9 arguments I can't do it...
>and it could be happen!
>I repeat, a check might be there...
>
>
>
>>If we checked everything we would never get anything done.. In the end
>>
>>
>
>
>
>>we draw the line at
>>"we check values that come from userspace." We trust values that come
>>
>>
>>from root indirectly
>
>
>>e.g. when root mounts a filesystem or a kld module.
>>
>>
>
>Ok, but a syscall of 9 arguments it's not so strange and nobody knows is
>impossible to realize.
>
If we put your patch in but as a KASSERT then anyone ruinning with
debugging turned on
(and no-one in their right mind would write a kernel module without
turning on debugging, right?)
will immediatly find the problem.
>
>
>
>>As you have raise dth issue we might add a KASSERT checking that it is
>>
>>
>
>
>
>>within bounds but
>>the check would not be turned on for normal kernels just debug kernels.
>>
>>
>>
>I'm very sorry for this decision. However i will write my patch (would be
>enough simple) and put it in the web to let other download, but, sincerely,
>I hoped to cooperate with FreeBSD core team.
>
>greetings,
>
>rookie
>
>
>_______________________________________________
>freebsd-hackers at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
>
>
More information about the freebsd-hackers
mailing list