Date: Wed, 15 Jul 1998 18:05:58 -0500 (CDT) From: Joel Ray Holveck <joelh@gnu.org> To: robert+freebsd@cyrus.watson.org Cc: matthew@wolfepub.com, hackers@FreeBSD.ORG Subject: Re: Protecting data in memory Message-ID: <199807152305.SAA15377@detlev.UUCP> In-Reply-To: <Pine.BSF.3.96.980715171019.14094G-100000@fledge.watson.org> (message from Robert Watson on Wed, 15 Jul 1998 17:12:15 -0400 (EDT)) References: <Pine.BSF.3.96.980715171019.14094G-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>> Is there any way to protect a programs memory space from all users, even >>> root? >> No. root always has access to all memory space. Consider: If it were >> otherwise, root could just patch the kernel and gain whatever access >> was needed. > On the contrary. This is the purpose of securelevels and read-only > files/file-systems. I realize this. I was actually giving a simplistic example. Yes, you can prevent the kernel from being patched. You would also have to prevent trojan horse attacks elsewhere (ie, r/o /usr and /), not to mention avoid root managing to patch the in-core kernel, etc, etc. Best, joelh -- Joel Ray Holveck - joelh@gnu.org - http://www.wp.com/piquan Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807152305.SAA15377>