Full Disclosure mailing list archives

Re: linux bugs (survival stories)?

From: dk <dk () pwarchitects com>
Date: Tue, 12 Apr 2005 15:24:47 -0500

Valdis.Kletnieks () vt edu wrote:

On Tue, 12 Apr 2005 12:06:59 +0545, Bipin Gautam said:

BUT i was woundering, to what extent adding these extra security
measures are effective against the real attacks & bugs discovered in
the kernel.



They do almost nothing to guard against bugs discovered *in the kernel*,
because all of them are addressing *userspace* bugs.


DING DING!

Once again, Valdis hits the point(s) dead on. I am still surprised atthe number of times I get this question when the topic comes up. Itseems fairly straight forward & is usually mentioned in a project'sdocumentation (PaX, etc..) or forums.


--
dk
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

linux bugs (survival stories)? Bipin Gautam (Apr 11)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
  - Re: linux bugs (survival stories)? Georgi Guninski (Apr 12)
  - Re: linux bugs (survival stories)? dk (Apr 12)
    - Re: linux bugs (survival stories)? Eduardo Tongson (Apr 12)
    - Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
    - Re: linux bugs (survival stories)? Eduardo Tongson (Apr 12)
    - Re: linux bugs (survival stories)? Joachim Schipper (Apr 12)
    - Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
    - Re: linux bugs (survival stories)? Eduardo Tongson (Apr 13)
- <Possible follow-ups>
- Re: linux bugs (survival stories)? pageexec (Apr 12)
  - Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
    - Re: linux bugs (survival stories)? pageexec (Apr 13)
    - Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 13)

(Thread continues...)