From: Dave
Date: Fri, 30 Nov 2001 23:33:12 -0800 (PST)
Delivered-To: freebsd-security@freebsd.org
Subject: options USER_LDT

I really have no clue what the kernel option:

    options USER_LDT

means, except this rugged definition I found in LINT (paraphrase):

"Allow applications running in user space to manipulate the Local Descriptor Table (LDT)"

Since it didn't come in the GENERIC (FBSD 4.4 REL), I'm assuming that someone, somewhere, thought it would be a good idea to have this disabled by default and maybe it was meant to be added in only by people who know what they are doing.

Is there a security risk by allowing programs to access the Local Descriptor Table?

(I'm not sure what the LDT is, but if it was off for a reason I wouldn't want to challenge the decisions of those more informed than myself. If it wasn't for an efficiency judgement, it could have been for a security judgement.)