Re: mprotect abuse in slim

On Mon, 08 Jan 2007 17:38:25 EST, Mimi Zohar said:

> revoked. Based on previous comments on lkml, we understand
> that this is not really possible in general, so SLIM only
> attempts to revoke access in certain simple cases.

Which, unfortunately, creates incredibly brittle code when some attacker
reads the SLIM source code and finds a way to force the non-simple case
you ignore.

This is an area where you really need to do it *right*, or not at all.

Attachment: pgpKV30qvTvKI.pgp
Description: PGP signature

---

• Follow-Ups:
  • Re: mprotect abuse in slim
    • From: Mimi Zohar <[email protected]>

• References:
  • Re: mprotect abuse in slim
    • From: Mimi Zohar <[email protected]>

• Prev by Date: Re: [PATCH -MM] e1000: rewrite hardware initialization code
• Next by Date: [PATCH] cpia.c: buffer overflow
• Previous by thread: Re: mprotect abuse in slim
• Next by thread: Re: mprotect abuse in slim
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]