From owner-cvs-all Tue May 19 07:26:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA24703 for cvs-all-outgoing; Tue, 19 May 1998 07:26:20 -0700 (PDT) (envelope-from owner-cvs-all@FreeBSD.ORG) Received: from implode.root.com (implode.root.com [198.145.90.17]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA24514; Tue, 19 May 1998 07:25:54 -0700 (PDT) (envelope-from root@implode.root.com) Received: from implode.root.com (localhost [127.0.0.1]) by implode.root.com (8.8.5/8.8.5) with ESMTP id HAA21990; Tue, 19 May 1998 07:25:49 -0700 (PDT) Message-Id: <199805191425.HAA21990@implode.root.com> To: Greg Lehey cc: Tor Egge , cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-sys@FreeBSD.ORG Subject: Re: cvs commit: src/sys/i386/i386 machdep.c vm_machdep.c src/sys/i386/include ptrace.h src/sys/kern sys_process.c src/sys/miscfs/procfs procfs.h procfs_mem.c procfs_vnops.c In-reply-to: Your message of "Tue, 19 May 1998 11:17:05 +0930." <19980519111705.R427@freebie.lemis.com> From: David Greenman Reply-To: dg@root.com Date: Tue, 19 May 1998 07:25:49 -0700 Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk >On Mon, 18 May 1998 at 17:00:15 -0700, Tor Egge wrote: >> tegge 1998/05/18 17:00:15 PDT >> >> Modified files: >> sys/i386/i386 machdep.c vm_machdep.c >> sys/i386/include ptrace.h >> sys/kern sys_process.c >> sys/miscfs/procfs procfs.h procfs_mem.c procfs_vnops.c >> Log: >> Disallow reading the current kernel stack. Only the user structure and >> the current registers should be accessible. >> Reviewed by: David Greenman > >What's the rationale for this? How will it affect debuggers? Security - the kernel stack must not be accessible by the user process since it might contain sensitive data. The above should not affect debuggers. -DG David Greenman Co-founder/Principal Architect, The FreeBSD Project To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message