Date: Wed, 17 Nov 1999 15:21:42 -0700
From: Warner Losh <imp@village.org>
To: Kelly Yancey <kbyanc@posi.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: kernel stack contents visible from userland
Message-ID: <199911172221.PAA19404@harmony.village.org>
In-Reply-To: Your message of "Wed, 17 Nov 1999 12:01:40 EST." <Pine.BSF.4.05.9911171152270.8195-100000@kronos.alcnet.com>
References: <Pine.BSF.4.05.9911171152270.8195-100000@kronos.alcnet.com>

In message <Pine.BSF.4.05.9911171152270.8195-100000@kronos.alcnet.com> Kelly Yancey writes:
:   Is there any security concern with a portion of the kernel's stack being
: visible from userland? The reason I ask is that while investigating
: another issue, I noticed that stat family of calls (and probably others)
: leave kernel stack contents into userland via spare struct stat fields (I
: imagine other structures have similar behavior with regards to the padding
: between fields for alignment).

These patches look good.  I wonder if there might be an easier way to
accomplish this.  I don't see anything here that is a security risk,
per se, since most of the stat struct is always filled in before the
copyout.

Which fields in stat are not explicitly used?  I would have expected
them all to be filled in in all cases.

It would likely be faster to just wonk on st_lspare and st_qspare[2]
in cvstat...

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
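
Added example, not part of the original message or of the FreeBSD source: a reduced user-space model of the spare-field leak discussed in this thread. It compares no fix, zeroing the whole structure, and clearing only st_lspare and st_qspare as the reply suggests. struct demo_stat, demo_cvstat(), leaked_bytes() and the 0xA5 marker are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xA5  /* constructed marker standing in for old kernel stack bytes */

/* Reduced stand-in for struct stat (not the real layout); ordered to need no padding. */
struct demo_stat {
    int64_t  st_size;
    uint32_t st_mode;
    int32_t  st_lspare;     /* spare: nothing to report here */
    int64_t  st_qspare[2];  /* spare */
};

enum fix { FIX_NONE, FIX_ZERO_ALL, FIX_CLEAR_SPARES };

/* Hypothetical conversion routine: fills only the fields it has data for. */
static void demo_cvstat(struct demo_stat *sb, enum fix fix)
{
    if (fix == FIX_ZERO_ALL)
        memset(sb, 0, sizeof(*sb));  /* in real structs this also covers padding */
    sb->st_size = 4096;
    sb->st_mode = 0100644;
    if (fix == FIX_CLEAR_SPARES) {   /* cheaper, but leaves any padding untouched */
        sb->st_lspare = 0;
        sb->st_qspare[0] = sb->st_qspare[1] = 0;
    }
}

/* Counts stale bytes left in the structure that would be copied out to userland. */
static size_t leaked_bytes(enum fix fix)
{
    struct demo_stat sb;
    const unsigned char *p = (const unsigned char *)&sb;
    size_t i, n = 0;

    memset(&sb, STALE, sizeof(sb));  /* simulate reused stack memory */
    demo_cvstat(&sb, fix);
    for (i = 0; i < sizeof(sb); i++)
        n += (p[i] == STALE);
    return n;
}

int main(void)
{
    printf("none=%zu zero_all=%zu clear_spares=%zu\n", leaked_bytes(FIX_NONE),
           leaked_bytes(FIX_ZERO_ALL), leaked_bytes(FIX_CLEAR_SPARES));
    return 0;
}
```

Clearing only the spare members is enough in this model because the layout has no padding; a structure with alignment padding between fields needs the whole-structure zeroing to clear those bytes as well.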