Date: Sat, 18 Sep 2004 12:24:04 +0200 From: gerarra@tin.it To: freebsd-hackers@freebsd.org Subject: Re: FreeBSD Kernel buffer overflow Message-ID: <4146316C0000A1ED@ims3a.cp.tin.it> In-Reply-To: <200409180918.i8I9ItWl001012@gw.catspoiler.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>What keeps the attacker from installing two syscalls, the first of which= >pokes NOPs over the KASSERT code, and the second of which accepts too >many arguments? > >If you think we really need this bit of extra security, why not just >prevent the syscall with too many arguments from being registered by >syscall_register()? At least that keeps the check out of the most >frequently executed path. This is not intended like a security check, just like a prevention agains= t accidental buffer overflow (like my proof of concept). This is a quite si= mple concept, take care. rookie
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4146316C0000A1ED>