Re: [2.6] The List, pass #2

From: H. Peter Anvin (hpa@zytor.com)
Date: Tue Aug 13 2002 - 00:27:43 EST


Followup to: <3D5233BC.96ABDF73@aitel.hist.no>
By author: Helge Hafting <helgehaf@aitel.hist.no>
In newsgroup: linux.dev.kernel
> >
> > Why *safer*? Partition (,DHCP,..) code is ran once at boot. It is hard for
> > it to harm security.
>
> I wouldn't worry about partition detection, but network stuff
> is always risky. A "bad guy" could listen for DHCP
> and try to fake a response or do a buffer overflow.
>
> Userspace programs are supposedly easier to fix, and a
> messed-up userspace isn't quite as bad as a messed up kernel
> when an attacker tries to get in.
>

Perhaps more relevantly:

a) User-space code is easier to write; consider memory management in
   particular.

b) If the user-space process has gotten compromised or corrupted, it
   still goes away when it exits. In the kernel, any corruption stays
   around forever.

   -hpa

-- 
<hpa@transmeta.com> at work, <hpa@zytor.com> in private!
"Unix gives you enough rope to shoot yourself in the foot."
http://www.zytor.com/~hpa/puzzle.txt	<amsp@zytor.com>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Thu Aug 15 2002 - 22:00:30 EST