Date: Sat, 1 Dec 2001 02:32:10 -0500 From: "Peter C. Lai" <sirmoo@cowbert.2y.net> To: Dave <mudman@R181172.resnet.ucsb.edu> Cc: freebsd-security@freebsd.org Subject: Re: options USER_LDT Message-ID: <20011201023210.A52949@cowbert.2y.net> In-Reply-To: <Pine.BSF.4.33.0111302322520.763-100000@R181172.resnet.ucsb.edu>; from mudman@R181172.resnet.ucsb.edu on Fri, Nov 30, 2001 at 11:33:12PM -0800 References: <Pine.BSF.4.33.0111302322520.763-100000@R181172.resnet.ucsb.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
IT's for the linux emulation module. Some linux ELF binaries require this to run. On Fri, Nov 30, 2001 at 11:33:12PM -0800, Dave wrote: > > I really have no clue what the kernel option: > options USER_LDT > > means, except this rugged definition I found in LINT (paraphrase): > "Allow applications running in user space to manipulate the Local > Descriptor Table (LDT)" > > Since it didn't come in the GENERIC (FBSD 4.4 REL), I'm assuming that > someone, somewhere, thought it would be a good idea to have this disabled > by default and maybe it was meant to be added in only by people who know > what they are doing. > > Is there a security risk by allowing programs to access the Local > Descriptor Table? (I'm not sure what the LDT is, but if it was off for a > reason I wouldn't want to challenge the decisions of those more informed > than myself. If it wasn't for an efficiency judgement, it could of been > for a security judgement) > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Peter C. Lai University of Connecticut Dept. of Residential Life | Programmer Dept. of Molecular and Cell Biology | Undergraduate Research Assistant http://cowbert.2y.net/ 860.427.4542 203.206.3784 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011201023210.A52949>