From owner-freebsd-hackers Wed Jul 15 17:34:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA13661 for freebsd-hackers-outgoing; Wed, 15 Jul 1998 17:34:12 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from lor.watermarkgroup.com (lor.watermarkgroup.com [207.202.73.33]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA13654 for ; Wed, 15 Jul 1998 17:34:10 -0700 (PDT) (envelope-from luoqi@watermarkgroup.com) Received: (from luoqi@localhost) by lor.watermarkgroup.com (8.8.8/8.8.8) id UAA08157; Wed, 15 Jul 1998 20:33:32 -0400 (EDT) (envelope-from luoqi) Date: Wed, 15 Jul 1998 20:33:32 -0400 (EDT) From: Luoqi Chen Message-Id: <199807160033.UAA08157@lor.watermarkgroup.com> To: joelh@gnu.org, luoqi@watermarkgroup.com Subject: Re: Protecting data in memory Cc: hackers@FreeBSD.ORG, matthew@wolfepub.com Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > >>> Is there any way to protect a programs memory space from all users, even > >>> root? > >> No. root always has access to all memory space. Consider: If it were > >> otherwise, root could just patch the kernel and gain whatever access > >> was needed. > > Actually, if you raise the securelevel to 1 or above, not even root can > > access kernel memory space (see init(8)). > > Er, according to init(8), then root cannot *write* to kernel memory. > Sorry, I was wrong. Root is still able to read kernel memory. My solution won't work. :( -lq > I am basically familiar with securelevel. I oversimplified my > example. > > Best, > joelh > > -- > Joel Ray Holveck - joelh@gnu.org - http://www.wp.com/piquan > Fourth law of programming: > Anything that can go wrong wi > sendmail: segmentation violation - core dumped > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message