Date: Wed, 17 Nov 1999 17:42:22 -0500
From: "Kelly Yancey" <kbyanc@alcnet.com>
To: "'Warner Losh'" <imp@village.org>, "'Kelly Yancey'" <kbyanc@posi.net>
Cc: <freebsd-security@FreeBSD.ORG>
Subject: RE: kernel stack contents visible from userland
Message-ID: <000801bf314d$03fe3f20$291c453f@kbyanc.alcnet.com>
In-Reply-To: <199911172221.PAA19404@harmony.village.org>

>
> These patches look good.  I wonder if there might be an easier way to
> accomplish this.  I don't see anything here that is a security risk,
> per se, since most of the stat struct is always filled in before the
> copyout.  Which fields in stat are not explicitly used?  I would have
> expected them all to be filled in in all cases.  It would likely be
> faster to just wonk on st_lspare and st_qspare[2] in cvstat...
>
> Warner
>

  Those are the culprits: the 2 spare fields. In the case of the application
I was developing when I noticed this, alignment padding was also an issue,
that's why I chose bzero(). I'd be glad to make a new patch set tonight when
I get home, assuming someone doesn't beat me to it :)

  Kelly

--
Kelly Yancey  -  kbyanc@posi.net  -  Richmond, VA
Director of Technical Services, ALC Communications  http://www.alcnet.com/
Maintainer, BSD Driver Database       http://www.posi.net/freebsd/drivers/
Coordinator, Team FreeBSD        http://www.posi.net/freebsd/Team-FreeBSD/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
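
The difference between zeroing only the spare fields and calling bzero() on the whole structure, as an added example that is not part of the original message or the FreeBSD patches. It assumes a cut-down, hypothetical struct demo_stat (only st_lspare and st_qspare[2] are names from the thread), a constructed 0xA5 fill standing in for leftover kernel stack bytes, and memcpy() standing in for copyout().

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xA5 /* constructed marker standing in for leftover kernel stack bytes */

/* Hypothetical cut-down struct; only st_lspare and st_qspare[2] are named in the thread. */
struct demo_stat {
    uint16_t st_mode;      /* alignment padding typically follows */
    uint32_t st_uid;
    int32_t  st_lspare;    /* spare: never assigned by the conversion */
    int64_t  st_size;
    int64_t  st_qspare[2]; /* spare: never assigned by the conversion */
};

enum fix { FIX_NONE, FIX_SPARES, FIX_BZERO };

/* Build the struct as a conversion routine would, "copy it out" into out
 * (sizeof(struct demo_stat) bytes), and return how many stale bytes escaped. */
size_t copyout_stat(unsigned char *out, enum fix fix)
{
    struct demo_stat sb;
    size_t i, leaked = 0;

    memset(&sb, STALE, sizeof(sb));   /* deterministic stand-in for an uninitialized stack slot */
    if (fix == FIX_BZERO)
        memset(&sb, 0, sizeof(sb));   /* bzero(): clears fields, spares and padding */
    sb.st_mode = 0x81a4;              /* sample values, chosen to contain no 0xA5 byte */
    sb.st_uid = 1001;
    sb.st_size = 4096;
    if (fix == FIX_SPARES) {          /* zero only the named spare fields */
        sb.st_lspare = 0;
        sb.st_qspare[0] = sb.st_qspare[1] = 0;
    }
    memcpy(out, &sb, sizeof(sb));     /* stands in for copyout() to userland */
    for (i = 0; i < sizeof(sb); i++)
        leaked += (out[i] == STALE);
    return leaked;
}

int main(void)
{
    unsigned char buf[sizeof(struct demo_stat)];
    printf("no fix:      %zu stale bytes\n", copyout_stat(buf, FIX_NONE));
    printf("spares only: %zu stale bytes\n", copyout_stat(buf, FIX_SPARES));
    printf("bzero:       %zu stale bytes\n", copyout_stat(buf, FIX_BZERO));
    return 0;
}
```

Any bytes still reported for the spares-only case are compiler-inserted padding, so the count depends on the ABI; the bzero case reports zero.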