
RE: false assumption or security flaw? (fwd)



> the reason why the program will not dump is because it is done by a 4k
> page system and the page has not been freed by the program because it
> probably has something else in it and then the same page will not be
> allocated to another process
> 
> somebody please correct me if i am wrong :)

That's right. Memory protection is always page-grained (4kB). 
And there's only one reliable, transparent, and low-overhead 
mechanism to control the access to memory pages: the one 
implemented in the MMU of the CPU.

If you want to cause a seg-fault, you have to do:

	int *ip; ip = 0; *ip = 0; /* :-) */

This works because the zero-page is write-protected (to
catch exactly these null-pointer reference errors).

Have fun.

Thomas.

Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/
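
The page granularity discussed in the message above, as an added example that is not part of the original post: a write that overruns an object but stays inside a mapped, writable page goes undetected, while the first byte of an inaccessible page faults. The helpers `map_with_guard` and `probe_write` are hypothetical names, the 16-byte object is a constructed sample, and a POSIX system with `mmap`, `mprotect` and `fork` is assumed.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Map two adjacent pages and revoke all access to the second one, so the
 * MMU faults on any touch of it. Returns NULL on failure. */
static char *map_with_guard(long *page_size)
{
    *page_size = sysconf(_SC_PAGESIZE);
    char *base = mmap(NULL, 2 * *page_size, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED ||
        mprotect(base + *page_size, *page_size, PROT_NONE) != 0)
        return NULL;
    return base;
}

/* Store one byte at base[offset] in a child process. Returns 0 if the
 * store succeeded, the fatal signal number if the child was killed,
 * or -1 if fork/waitpid failed. */
static int probe_write(volatile char *base, long offset)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        base[offset] = 'x';   /* the access under test */
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    long ps;
    char *p = map_with_guard(&ps);
    if (!p)
        return 1;
    /* Pretend a 16-byte object lives at p (constructed sample). */
    printf("offset 16, same page:    %d\n", probe_write(p, 16));
    printf("offset %ld, last byte:  %d\n", ps - 1, probe_write(p, ps - 1));
    printf("offset %ld, guard page: %d\n", ps, probe_write(p, ps));
    return 0;
}
```

A result of 0 means the store went through unnoticed; a nonzero result is the number of the signal that killed the child.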