From owner-freebsd-hackers@FreeBSD.ORG  Fri Sep 17 00:50:36 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5248616A4CE
	for <freebsd-hackers@freebsd.org>;
	Fri, 17 Sep 2004 00:50:36 +0000 (GMT)
Received: from vsmtp1.tin.it (vsmtp1.tin.it [212.216.176.141])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D870543D49
	for <freebsd-hackers@freebsd.org>;
	Fri, 17 Sep 2004 00:50:35 +0000 (GMT)	(envelope-from gerarra@tin.it)
Received: from ims3a.cp.tin.it (192.168.70.103) by vsmtp1.tin.it (7.0.027)
	id 414947D700063B2E for freebsd-hackers@freebsd.org;
	Fri, 17 Sep 2004 02:50:36 +0200
Received: from [192.168.70.226] by ims3a.cp.tin.it with HTTP;
	Fri, 17 Sep 2004 02:50:35 +0200
Date: Fri, 17 Sep 2004 02:50:35 +0200
Message-ID: <4146316C00007823@ims3a.cp.tin.it>
In-Reply-To: <20040917002301.GB73372@hub.freebsd.org>
From: gerarra@tin.it
To: freebsd-hackers@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-15"
Content-Transfer-Encoding: quoted-printable
Subject: Re: FreeBSD Kernel buffer overflow
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Sep 2004 00:50:36 -0000

>A couple of points:
>
>1) No-one from the FreeBSD core team has participated in this
>discussion so far.
>
>2) Because you initially claimed that this was a security problem, you
>prejudiced people against you because it's quite obviously not
>security-related, as has been discussed.  If you'd initially just
>asked for the sanity check for developers who might accidentally shoot
>their feet off (this is what Julian suggested in response to you),
>there would have been little controversy.
>
>Kris

Hi Kris,
you're quite right but: former what I mean to say is that the problem *ex=
ists*.
Nobody can write a syscall with more than 8 arguments and this is concept=
ually
wrong. In my opinion this is a mistake, no assumptions might be done on
number of arguments (I've not seen a documentation about that somewhere
too...). Latter, it could be a security problem. I've seen a lot of bug
declared *not exploitable* exploitted by other coders after some times.
Nothing is impossible. I wanted to point out that. I think this is differ=
ent
respect VFS pointers, don't you agree?

rookie