Date: Fri, 28 Dec 2001 23:59:04 -0600
From: Alfred Perlstein <alfred@freebsd.org>
To: Tor.Egge@cvsup.no.freebsd.org
Cc: security@freebsd.org, alc@freebsd.org, dillon@freebsd.org
Subject: Re: (forw) Re: AIO vulnerability (from bugtraq)
Message-ID: <20011228235904.B16101@elvis.mu.org>
In-Reply-To: <20011228235711.A16101@elvis.mu.org>; from alfred@freebsd.org on Fri, Dec 28, 2001 at 11:57:11PM -0600
References: <20011210132621.E92148@elvis.mu.org> <20011211180713J.tegge@cvsup.no.freebsd.org> <20011228235711.A16101@elvis.mu.org>

* Alfred Perlstein <alfred@freebsd.org> [011228 23:57] wrote:
> * Tor.Egge@cvsup.no.freebsd.org <Tor.Egge@cvsup.no.freebsd.org> [011211 12:07] wrote:
> > > Can you look at this?
> >
> > All pending aio requests must be drained before mapping the new
> > vmspace.  An untested suggested patch is enclosed.
> >
> > - Tor Egge
>
> This looks a bit early and could result in aio_proc_rundown()
> being called but returning ENOEXEC to the caller.
>
> I think it's safe to move it down a bit as it seems the interpreter
> is responsible for only setting up the imgp such that kern_exec.c
> can finish the job.  Wouldn't you say it's probably safe to try
> this instead?

On second thought it probably has to be right before where I put it,
before the p->p_sysent->sv_fixup callback.

*sigh*

--
-Alfred Perlstein [alfred@freebsd.org]
'Instead of asking why a piece of software is using "1970s technology,"
start asking why software is ignoring 30 years of accumulated wisdom.'
Tax deductible donations for FreeBSD: http://www.freebsdfoundation.org/