From: gerarra@tin.it
To: freebsd-hackers@freebsd.org
Date: Fri, 17 Sep 2004 02:13:53 +0200
Subject: Re: FreeBSD Kernel buffer overflow
Message-ID: <4146316C00007819@ims3a.cp.tin.it>
In-Reply-To: <414A26F3.8030201@elischer.org>

>This is standard procedure.
>
>"there is no security problem."
>There is not even a practical problem..
>
>No-one is going to be able to break into your machine because of this
>unless they have already broken into your machine by some other method.
>

We all agree with it, I wrote that 3 e-mails ago.

>There is an implicit understanding in the kernel that it trusts itself
>to be done right..
>If you want to check this I can show you many more things we trust
>ourselves on in the kernel
>
>for example do you check the function pointers in vfs method arrays
>before calling them?

This is not the same situation... why might a user change vfs method pointers?
Instead, if I want to code a syscall accepting 9 arguments I can't do it... and it could happen! I repeat, a check might be there...

>If we checked everything we would never get anything done.. In the end
>we draw the line at "we check values that come from userspace."
>We trust values that come from root indirectly
>e.g. when root mounts a filesystem or a kld module.

OK, but a syscall of 9 arguments is not so strange, and nobody knows it is impossible to realize.

>
>As you have raised the issue we might add a KASSERT checking that it is
>within bounds but the check would not be turned on for normal kernels
>just debug kernels.
>

I'm very sorry for this decision. However I will write my patch (it would be simple enough) and put it on the web to let others download it, but, sincerely, I hoped to cooperate with the FreeBSD core team.

greetings,
rookie
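
Added example, not part of the original message and not FreeBSD code: a user-space C model of an always-on argument-count check, done once when a table entry is installed, so a 9-argument entry is refused instead of overrunning the dispatcher's fixed buffer. The names `register_entry`, `dispatch`, `struct sys_entry` and the limit of 8 are assumptions for illustration; the limit is inferred from the 9-argument case discussed in the message.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define MAX_ARGS   8   /* assumed size of the dispatcher's argument buffer */
#define TABLE_SIZE 4

typedef long (*sys_fn)(const long *args);
struct sys_entry { int narg; sys_fn call; };   /* hypothetical table entry */
static struct sys_entry table[TABLE_SIZE];

/* Always-on check at the point where a module installs its entry. */
int register_entry(int slot, const struct sys_entry *e)
{
    if (slot < 0 || slot >= TABLE_SIZE || e == NULL || e->call == NULL)
        return EINVAL;
    if (e->narg < 0 || e->narg > MAX_ARGS)
        return E2BIG;              /* would overrun args[] in dispatch() */
    table[slot] = *e;
    return 0;
}

/* Copies narg words from the caller into a fixed buffer, then calls the handler. */
int dispatch(int slot, const long *user_args, long *result)
{
    long args[MAX_ARGS] = {0};
    if (slot < 0 || slot >= TABLE_SIZE || table[slot].call == NULL)
        return ENOSYS;
    /* In bounds only because register_entry() limited narg to MAX_ARGS. */
    memcpy(args, user_args, (size_t)table[slot].narg * sizeof(long));
    *result = table[slot].call(args);
    return 0;
}

static long sum8(const long *a)    /* sample handler: adds all eight slots */
{
    long s = 0;
    for (int i = 0; i < MAX_ARGS; i++)
        s += a[i];
    return s;
}

int main(void)
{
    struct sys_entry nine = { 9, sum8 };   /* constructed 9-argument entry */
    return register_entry(0, &nine) == E2BIG ? 0 : 1;
}
```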