FreeBSD Kernel buffer overflow

gerarra at tin.it
Thu Sep 16 17:13:55 PDT 2004


>This is standard procedure.
>
>"there is no security problem."
>There is not even a practical problem..
>
>No-one is going to be able to break into your machine because of this
>unless they have already broken into your machine by some other method.
>

We all agree with it; I wrote so 3 e-mails ago.

>There is an implicit understanding in the kernel that it trusts itself
>to be done right..
>If you want to check this I can show you many more things we trust
>ourselves on in the kernel
>
>for example do you check the function pointers in vfs method arrays 
>before calling them?

This is not the same situation... why would a user change vfs method pointers?
Instead, if I want to code a syscall accepting 9 arguments I can't do it...
and it could happen!
I repeat, a check might be there...

>If we checked everything we would never get anything done.. In the end
>we draw the line at
>"we check values that come from userspace." We trust values that come
>from root indirectly
>e.g. when root mounts a filesystem or a kld module.

OK, but a syscall with 9 arguments is not so strange, and nobody knows it is
impossible to realize.

>
>As you have raised the issue we might add a KASSERT checking that it is
>within bounds but
>the check would not be turned on for normal kernels just debug kernels.
>
I'm very sorry for this decision. However, I will write my patch (it would be
simple enough) and put it on the web to let others download it, but, sincerely,
I hoped to cooperate with the FreeBSD core team.

greetings,

rookie



