Date:      Fri, 17 Sep 2004 02:13:53 +0200
From:      gerarra@tin.it
To:        freebsd-hackers@freebsd.org
Subject:   Re: FreeBSD Kernel buffer overflow
Message-ID:  <4146316C00007819@ims3a.cp.tin.it>
In-Reply-To: <414A26F3.8030201@elischer.org>

>This is standard procedure.
>
>"there is no security problem."
>There is not even a practical problem..
>
>No-one is going to be able to break into your machine because of this 
>unless they
>have already broken into your machine by some other method.
>

We all agree with it, I wrote 3 e-mails ago.

>There is an implicit understanding in the kernel that it trusts itself
>to be done right..
>If you want to check this I can show you many more things we trust 
>ourselves on in the kernel
>
>for example do you check the function pointers in vfs method arrays 
>before calling them?

This is not the same situation... why might a user change vfs method pointers?
Instead if I want to code a syscall accepting 9 arguments I can't do it...
and it could happen!
I repeat, a check might be there...

>If we checked everything we would never get anything done.. In the end
>we draw the line at
>"we check values that come from userspace." We trust values that come 
>from root indirectly
>e.g. when root mounts a filesystem or a kld module.

Ok, but a syscall of 9 arguments is not so strange and nobody knows it is
impossible to realize.

>
>As you have raised the issue we might add a KASSERT checking that it is
>within bounds but
>the check would not be turned on for normal kernels just debug kernels.
>

I'm very sorry for this decision. However I will write my patch (would be
simple enough) and put it on the web to let others download it, but, sincerely,
I hoped to cooperate with FreeBSD core team.

greetings,

rookie



