Re: thoughts on kernel security issues

From: Olaf Hering
Date: Wed Jan 26 2005 - 21:09:44 EST

Next message: Jean Delvare: "Re: 2.6.11-rc2-mm1: SuperIO scx200 breakage"
Previous message: Nathan Lynch: "Re: [PATCH] unexport register_cpu and unregister_cpu"
In reply to: John Richard Moser: "Re: thoughts on kernel security issues"
Next in thread: Linus Torvalds: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 26, Linus Torvalds wrote:

> The biggest part of that is having nice interfaces. If you have good
> interfaces, bugs are less likely to be problematic. For example, the
> "seq_file" interfaces for /proc were written to clean up a lot of common
> mistakes, so that the actual low-level code would be much simpler and not
> have to worry about things like buffer sizes and page boundaries. I don't
> know/remember if it actually fixed any security issues, but I'm confident
> it made them less likely, just by making it _easier_ to write code that
> doesn't have silly bounds problems.

And, did that nice interface help at all? No, it did not.
Noone made seqfile mandatory in 2.6.
Now we have a few nice big patches to carry around because every driver
author had its own proc implementation. Well done...

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jean Delvare: "Re: 2.6.11-rc2-mm1: SuperIO scx200 breakage"
Previous message: Nathan Lynch: "Re: [PATCH] unexport register_cpu and unregister_cpu"
In reply to: John Richard Moser: "Re: thoughts on kernel security issues"
Next in thread: Linus Torvalds: "Re: thoughts on kernel security issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]