Re: mprotect abuse in slim

On Mon, 08 Jan 2007 17:38:25 EST, Mimi Zohar said:

> revoked. Based on previous comments on lkml, we understand
> that this is not really possible in general, so SLIM only
> attempts to revoke access in certain simple cases.

Which, unfortunately, creates incredibly brittle code when some attacker
reads the SLIM source code and finds a way to force the non-simple case
you ignore.

This is an area where you really need to do it *right*, or not at all.

Attachment: pgpKV30qvTvKI.pgp
Description: PGP signature

Follow-Ups:
- Re: mprotect abuse in slim
  - From: Mimi Zohar <[email protected]>

References:
- Re: mprotect abuse in slim
  - From: Mimi Zohar <[email protected]>

Prev by Date: Re: [PATCH -MM] e1000: rewrite hardware initialization code
Next by Date: [PATCH] cpia.c: buffer overflow
Previous by thread: Re: mprotect abuse in slim
Next by thread: Re: mprotect abuse in slim
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]