Followup to: <3D5233BC.96ABDF73@aitel.hist.no>
By author: Helge Hafting <helgehaf@aitel.hist.no>
In newsgroup: linux.dev.kernel
> >
> > Why *safer*? Partition (,DHCP,..) code is ran once at boot. It is hard for
> > it to harm security.
>
> I wouldn't worry about partition detection, but network stuff
> is always risky. A "bad guy" could listen for DHCP
> and try to fake a response or do a buffer overflow.
>
> Userspace programs are supposedly easier to fix, and a
> messed-up userspace isn't quite as bad as a messed up kernel
> when an attacker tries to get in.
>
Perhaps more relevantly:
a) User-space code is easier to write; consider memory management in
particular.
b) If the user-space process has gotten compromised or corrupted, it
still goes away when it exits. In the kernel, any corruption stays
around forever.
-hpa
-- <hpa@transmeta.com> at work, <hpa@zytor.com> in private! "Unix gives you enough rope to shoot yourself in the foot." http://www.zytor.com/~hpa/puzzle.txt <amsp@zytor.com> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 15 2002 - 22:00:30 EST