Date: Fri, 11 Sep 1998 10:40:50 +0930
From: Greg Lehey <grog@lemis.com>
To: Warner Losh <imp@village.org>, freebsd-hackers@FreeBSD.ORG
Subject: Re: syscalls and the stack
Message-ID: <19980911104050.B13960@freebie.lemis.com>
In-Reply-To: <199809100235.UAA08517@harmony.village.org>; from Warner Losh on Wed, Sep 09, 1998 at 08:35:29PM -0600
References: <199809100235.UAA08517@harmony.village.org>

On Wednesday,  9 September 1998 at 20:35:29 -0600, Warner Losh wrote:
>
> Question:
> do system calls need to be made from the executable stack?

No.  That's why copyin() and copyout() exist.

> If this were disallowed, what would break?

Who knows?  I think the official answer is "nothing", but I'm sure
that some code uses pointers instead of copying the data.

> I know that a system like this wouldn't give total security,
> but it seems that at the cost of a few instructions per system call
> (which could be disabled, if you wanted), one could stop the smash the
> stack attacks cold.  This would have the same vulnerabilities as the
> Solar Designer patches for Linux.  However, a door that takes extra
> care to open is better than no door at all...

Yes, it would definitely help.  There's also an i386 call gate
function, which effectively performs some copies for you.

Greg
--
See complete headers for address, home page and phone numbers
finger grog@lemis.com for PGP public key

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message