From owner-freebsd-security Sat Dec 1 15:34:45 2001 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 5D4A737B419 for ; Sat, 1 Dec 2001 15:34:40 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.3/8.11.3) with ESMTP id fB1NYda31735; Sat, 1 Dec 2001 16:34:39 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost [127.0.0.1]) by harmony.village.org (8.11.6/8.11.6) with ESMTP id fB1NYcM54600; Sat, 1 Dec 2001 16:34:38 -0700 (MST) (envelope-from imp@harmony.village.org) Message-Id: <200112012334.fB1NYcM54600@harmony.village.org> To: rik@rikrose.net Subject: Re: options USER_LDT Cc: freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Sat, 01 Dec 2001 16:00:32 GMT." References: Date: Sat, 01 Dec 2001 16:34:38 -0700 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In message rik@rikrose.net writes: : /* : ** This code is a simple example of bypassing Integrity checking : ** systems in FreeBSD 2.2. It has been tested in 2.2.1, and : ** believed to work (although not tested) in 3.0. : : Uhm. A little old, isn't it? Can anyone confirm that USER_LDT is still : dangerous? Never was. This check is for loadable kernel modules, which is a completely different thing. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message