On Sun, 27 Sep 2009, Julian Elischer wrote:

> What they need to do now is find a fault where the offset is > 4096..
>
> I wouldn't bet against it..

Oh, certainly -- this isn't a security policy, it's a vulnerability mitigation technique. It can be bypassed in the right (wrong?) circumstances, just like stack overflow protection, etc. However, it's also a potentially effective tool for limiting easier exploit paths. The kernel has a lot of 0x$smallnum failure modes, and probably significantly fewer 0x$arbitraryconstant ones, so limiting the former has benefit even if it doesn't limit the latter.

To more thoroughly eliminate this type of exploit path, we'd need to move to independent kernel/user address spaces, which would increase robustness at significant cost to performance. I think the current strategy offers some nice middle-ground benefits, and certainly makes it more tricky to exploit several reported vulnerabilities in the last year.

Robert

Received on Sun Sep 27 2009 - 17:01:27 UTC