Re: RFC - Approaches to user-space probes

From: Frank Ch. Eigler
Date: Fri Mar 31 2006 - 11:22:53 EST


Hi -

On Fri, Mar 31, 2006 at 05:25:29PM +0530, Prasanna S Panchamukhi wrote:
> [...]
> > It's pretty clear that writing the dirtied pages to disk is an
> > *undesirable* side-effect, and should be eliminated. [...]
>
> What would the typical situations where the text section in the
> executable is mapped with 'MAP_SHARED'?

Even if such usage is not typical, if it is legal, it may open a
vulnerability. Imagine an unprivileged attacker doing just such an
mmap on some key shared library or executable, hoping that someone
else puts user-kprobes in there.

- FChE

Attachment: pgp00000.pgp
Description: PGP signature