RE: Secure 2.4.x kernel



I should also add...

I do understand that running processes as "root" is
basically the problem... but in theory, the setup of running
things under a different user can be a pain -- why not
simply allow the kernel to handle it...

...

-----Original Message-----
From: Gary MacDougall [mailto:gary@freeportweb.com]
Sent: Friday, December 21, 2001 12:00 PM
To: Kelly Martin; 'Noah L. Meyerhans'; debian-security@lists.debian.org
Subject: RE: Secure 2.4.x kernel


Thanks everyone for the answer.

I was pretty sure that the kernel would be able
to detect the fault, but I needed to *make* sure
before I asked another question.

Now here's my next question, and it's a security one.
Based off what was explained by Noah and Kelly,
it appears to me that Buffer Overruns can be dealt
with at the kernel level and that there is probably
a way in the kernel to stop a root exploit during
a buffer overrun.  Why hasn't (or maybe someone has)
someone come up with a "ring" or security layer that
protects against root exploits on buffer overruns?

Maybe this is a totally stupid question, but I've
been jumping into security a lot lately, and I noticed
that most of the exploits (if not all) on Linux/Unix
are basically buffer overruns.  After reading that
excellent article "Smashing the stack for fun and
profit", it became pretty clear that there are really
two issues:

1. Applications that allow for an overrun
2. The kernel allowing for the exec of a shell (ouch!).

Why not simply have a ring in the kernel that one could
attach the processes to which protected against this?

Gary

-----Original Message-----
From: Kelly Martin [mailto:kellym@fb00.fb.org]
Sent: Friday, December 21, 2001 11:00 AM
To: 'Noah L. Meyerhans'; debian-security@lists.debian.org
Subject: RE: Secure 2.4.x kernel


> So, in short, seg faults *come*from* the kernel, so of course the kernel
> knows when a program segfaults.

Actually, segmentation faults come from the processor (more specifically,
the memory management unit).  The kernel processes the hardware exception
and converts it into a signal to be sent to the offending process.

It is possible for the kernel itself to segfault; this causes a kernel
panic.

Kelly
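
The path Kelly describes (MMU exception, converted by the kernel into a signal for the offending process) can be observed from user space. The C program below is an added illustration, not part of the original thread; it assumes Linux, and the names run_faulting_child, on_segv and guard are invented for the example.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile char *guard;   /* page mapped with no access rights */

/* Runs in the child when the kernel delivers SIGSEGV. si_addr is the
   faulting address the kernel took from the hardware exception. */
static void on_segv(int sig, siginfo_t *si, void *ctx)
{
    (void)sig; (void)ctx;
    _exit(si->si_addr == (void *)guard ? 42 : 43);
}

/* Fork a child that writes to a PROT_NONE page and return the raw wait
   status (-1 on failure). With catch_it != 0 the child handles SIGSEGV;
   otherwise the default action applies and the kernel terminates it. */
int run_faulting_child(int catch_it)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        struct rlimit no_core = {0, 0};
        setrlimit(RLIMIT_CORE, &no_core);          /* no core file */
        guard = mmap(NULL, 4096, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (guard == MAP_FAILED) _exit(44);
        struct sigaction sa = {0};
        sigemptyset(&sa.sa_mask);
        if (catch_it) { sa.sa_sigaction = on_segv; sa.sa_flags = SA_SIGINFO; }
        else sa.sa_handler = SIG_DFL;
        sigaction(SIGSEGV, &sa, NULL);
        guard[0] = 1;     /* MMU refuses the write; kernel gets the fault */
        _exit(45);        /* not reached */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return status;
}

int main(void)
{
    int d = run_faulting_child(0), h = run_faulting_child(1);
    printf("default: signal %d; handled: exit %d\n", WTERMSIG(d), WEXITSTATUS(h));
    return 0;
}
```

The parent never faults; it only sees the outcome the kernel reports through waitpid, which is the same information a supervising daemon or init system has available.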


--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

