Message-ID: <4ABFB53E.6010702@elischer.org>
Date: Sun, 27 Sep 2009 11:55:58 -0700
From: Julian Elischer
To: "Simon L. Nielsen"
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
In-Reply-To: <4ABFB4D1.5070505@elischer.org>
Subject: Re: svn commit: r197537 - head/sys/vm

Julian Elischer wrote:
> Simon L. Nielsen wrote:
>> Author: simon
>> Date: Sun Sep 27 14:49:51 2009
>> New Revision: 197537
>> URL: http://svn.freebsd.org/changeset/base/197537
>>
>> Log:
>>   Do not allow mmap with the MAP_FIXED argument to map at address zero.
>>   This is done to make it harder to exploit kernel NULL pointer security
>>   vulnerabilities. While this of course does not fix vulnerabilities,
>>   it does mitigate their impact.
>>   Note that this may break some applications, most likely emulators or
>>   similar, which for one reason or another require mapping memory at
>>   zero.
>
> If you are going to take this approach then it should be enabled by
> a bit in the inherited process permissions, with a tool to set it,
> like:
>
> map0 {command}
> where command could be something like "wine".
> use setfib or nice as a template for the tool.
>
> this way only processes that need it are affected.
> (of course only root can run the program or set the bit)
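
A way to verify the behaviour the commit log describes on a given host, added here as an example (it is not code from r197537 or from the FreeBSD tree, and the function names are hypothetical): the program first confirms that MAP_FIXED works on a page it already owns, then makes the same request at address zero and reports whether the kernel refused it.

```c
#define _DEFAULT_SOURCE /* for MAP_ANON on glibc; harmless elsewhere */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

enum { ZERO_REFUSED = 0, ZERO_MAPPED = 1 };

/* Ask for one anonymous page at exactly `addr`. Returns 0 and unmaps it
 * again on success, or the errno the kernel gave on refusal. */
static int try_fixed_map(void *addr, size_t len)
{
    void *p = mmap(addr, len, PROT_READ | PROT_WRITE,
                   MAP_FIXED | MAP_PRIVATE | MAP_ANON, -1, 0);
    if (p == MAP_FAILED)
        return errno;
    munmap(p, len);
    return 0;
}

/* Control: MAP_FIXED over a page this process already owns must work,
 * otherwise a failure at zero says nothing about the zero-page policy. */
static int control_fixed_map_works(void)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0);
    if (p == MAP_FAILED)
        return 0;
    return try_fixed_map(p, len) == 0; /* try_fixed_map unmaps the page */
}

/* Probe: the same request at address zero. *err_out receives the errno. */
static int probe_zero_map(int *err_out)
{
    *err_out = try_fixed_map((void *)0, (size_t)sysconf(_SC_PAGESIZE));
    return *err_out == 0 ? ZERO_MAPPED : ZERO_REFUSED;
}

int main(void)
{
    int err;
    if (!control_fixed_map_works()) {
        fprintf(stderr, "control MAP_FIXED mapping failed; result not meaningful\n");
        return 2;
    }
    if (probe_zero_map(&err) == ZERO_MAPPED) {
        printf("address zero is mappable by this process\n");
        return 1;
    }
    printf("mapping at address zero refused: %s\n", strerror(err));
    return 0;
}
```

Run it as the user and under the privileges of the process you care about; an exit status of 0 means the zero-page mapping was refused for that process.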