Re: [patch] Add basic sanity checks to the syscall execution patch
From: Arjan van de Ven
Date: Fri Sep 05 2008 - 12:06:18 EST
On Fri, 05 Sep 2008 11:43:31 +0200
pageexec@xxxxxxxxxxx wrote:
> consider how your whole patch is based on one big self-contradiction.
> you already assume that the attacker *can* modify arbitrary kernel
> memory (even the otherwise *read-only* syscall table at that), but at
> the very same time you're saying he *can't* use the same powers to
> patch out your 'protection' or do many other things to evade it. as
> it is, it's cargo cult security at its best, reminding one on the
> Vista kernel's similar 'protection' mechanism for the service
> descriptor tables...
so I'm not going to say that the patch is important or good;
it's the result of ben mentioning the idea on irc and me thinking "sure
lets see what it would take and cost".
Nothing more than that
--
If you want to reach me at my work email, use arjan@xxxxxxxxxxxxxxx
For development, discussion and tips for power savings,
visit http://www.lesswatts.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/