DragonFly BSD
DragonFly kernel List (threaded) for 2005-11
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: sendsys security issue


From: Joerg Sonnenberger <joerg@xxxxxxxxxxxxxxxxx>
Date: Tue, 8 Nov 2005 10:13:53 +0100
Mail-followup-to: kernel@crater.dragonflybsd.org

On Mon, Nov 07, 2005 at 04:55:33PM -0600, Eric Jacobs wrote:
> 
> I am interested in understanding and possibly fixing the security issue
> that seems to be a problem with using sendsys to send an asynchronous
> request. Anyone have any info?

Other than the memory exhaustion Matt mentions, it is also about atomicy
of process context state. A lot of the kernel depends on the UID not
changing over time during a system call. sendsys breaks this and other
assumptions from the single syscall modell.

Joerg



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]