From owner-freebsd-security Sat Dec 1 8: 0:38 2001 Delivered-To: freebsd-security@freebsd.org Received: from pkl.net (spoon.pkl.net [212.111.57.14]) by hub.freebsd.org (Postfix) with ESMTP id 6AC0437B41C for ; Sat, 1 Dec 2001 08:00:33 -0800 (PST) Received: from localhost (rik@localhost) by pkl.net (8.9.3/8.9.3) with ESMTP id QAA10432 for ; Sat, 1 Dec 2001 16:00:32 GMT Date: Sat, 1 Dec 2001 16:00:32 +0000 (GMT) From: rik@rikrose.net X-Sender: rik@pkl.net To: freebsd-security@FreeBSD.ORG Subject: Re: options USER_LDT In-Reply-To: <3C08E711.A4B08098@bsdprophet.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, 1 Dec 2001, scott wrote: > Dave wrote: > > I really have no clue what the kernel option: > > options USER_LDT > > > > Is there a security risk by allowing programs to access the Local > > Descriptor Table? (I'm not sure what the LDT is, but if it was off for a > > Yes there is a security risk. > Here read all about it: > http://www.phrack.org/show.php?p=51&a=9 /* ** This code is a simple example of bypassing Integrity checking ** systems in FreeBSD 2.2. It has been tested in 2.2.1, and ** believed to work (although not tested) in 3.0. Uhm. A little old, isn't it? Can anyone confirm that USER_LDT is still dangerous? -- PGP Key: D2729A3F - Keyserver: wwwkeys.uk.pgp.net - rich at rdrose dot org Key fingerprint = 5EB1 4C63 9FAD D87B 854C 3DED 1408 ED77 D272 9A3F Public key also encoded with outguess on http://rikrose.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message