On Tue, Oct 11, 2005 at 10:24:46PM +0200, Alon Bar-Lev wrote:
> Brian Gerst wrote:
> >Jonathan M. McCune wrote:
> >
> >>Hello,
> >>
> >Why send the kernel back to the 2.0 days? There is no valid reason for
> >doing this with they way x86 segmentation works, which is why it was
> >done away with in 2.1.
> >
>
> But with segmentation you can set code to be read-only,
> disallow execution from stack, separate modules so that they
> will not affect kernel and more...
You do realize that it's a BS, don't you?
* attacker that would rewrite kernel code can switch a pointer to method in
any of the method tables (or pointer to the entire method table, while we are
at it).
* overwriting return address is trivial if you got stack smashing and there
is a plenty of interesting functions in the kernel ready to elevate priveleges
* modules rely on practically complete access to kernel data structures, so
no amount of playing with rings will change anything for them.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
