Date: Mon, 14 May 2007 08:58:10 +0200 From: des@des.no (Dag-Erling =?utf-8?Q?Sm=C3=B8rgrav?=) To: Ivan Voras <ivoras@fer.hr> Cc: Alfred Perlstein <alfred@freebsd.org>, freebsd-arch@freebsd.org Subject: Re: HEADS DOWN Message-ID: <86sl9zyjr1.fsf@dwp.des.no> In-Reply-To: <46478C9A.9050807@fer.hr> (Ivan Voras's message of "Mon\, 14 May 2007 00\:09\:30 %2B0200") References: <20070512153532.GQ21795@elvis.mu.org> <63984.1178992555@critter.freebsd.dk> <f25m78$ik$2@sea.gmane.org> <20070513215442.GZ21795@elvis.mu.org> <46478C9A.9050807@fer.hr>
next in thread | previous in thread | raw e-mail | index | archive | help
Ivan Voras <ivoras@fer.hr> writes: > Alfred Perlstein wrote: > > Let's clear the issue here... FreeBSD did not have a choice in the > > matter. > Actually it did. The SIGABORT codepath was only executed in case the > process is running under uid=3D0, in other cases it would just print out > the warning. I think behaviour such as this is a violation of POLA as > the behaviour is different depending on which users runs it (and if the > allocator can clearly handle the situation for nonprivileged users, it > can also handle it for root, but instead chose to be annoying). So you think remote exploitable root vulnerabilities are OK? DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86sl9zyjr1.fsf>