Date: Sat, 01 Dec 2001 08:20:01 -0600 From: scott <scott@bsdprophet.org> To: Dave <mudman@R181172.resnet.ucsb.edu> Cc: freebsd-security@FreeBSD.ORG Subject: Re: options USER_LDT Message-ID: <3C08E711.A4B08098@bsdprophet.org> References: <Pine.BSF.4.33.0111302322520.763-100000@R181172.resnet.ucsb.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Dave wrote: > > I really have no clue what the kernel option: > options USER_LDT > > means, except this rugged definition I found in LINT (paraphrase): > "Allow applications running in user space to manipulate the Local > Descriptor Table (LDT)" > > Since it didn't come in the GENERIC (FBSD 4.4 REL), I'm assuming that > someone, somewhere, thought it would be a good idea to have this disabled > by default and maybe it was meant to be added in only by people who know > what they are doing. > > Is there a security risk by allowing programs to access the Local > Descriptor Table? (I'm not sure what the LDT is, but if it was off for a > reason I wouldn't want to challenge the decisions of those more informed > than myself. If it wasn't for an efficiency judgement, it could of been > for a security judgement) Yes there is a security risk. Here read all about it: http://www.phrack.org/show.php?p=51&a=9 > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Scott To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C08E711.A4B08098>