On Fri, Jun 08, 2007 at 06:19:28PM -0700, Ulrich Drepper wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Al Viro wrote:
> > Exactly. Put it another way, randomizer is a stress-tester.
>
> ... and a security mechanism. And as such it is only useful if it is
> used. Probably it should be policy-controlled whether you can turn it off.
Any real-world examples of exploitable holes based on that? Real blue-sky
world, not grsec-advocacy "undiscovered null ptr derefs on every corner and
all of the variety fixable by our magic goo" one, please.
> > Note that
> > #define NR_FILES <some constant>
> >
> > for (i = 0; i < NR_FILES; i++)
> > close(i);
>
> You're confusing the problems.
No, I'm not. The entire argument for having a separate set of descriptors
is based on programs behaving in similar fashion, working correctly now but
limiting what libraries can do with opening files for internal needs.
So here's the question: how widespread it really is, considering that "working
correctly" is not a trivial constraint. Again, I'd love to see real data;
if I need handwaving, I know where to find it.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]