Re: Security fix for remapping of page 0 (was [PATCH] Change ZERO_SIZE_PTR to point at unmapped space)
From: Rik van Riel
Date: Wed Jun 03 2009 - 12:37:47 EST
Larry H. wrote:

Christopher, crippling the system is truly not the way to fix this.
There are many legitimate users of private|fixed mappings at 0. In
addition, if you want to go ahead and break POSIX, at least make sure
your patch closes the loophole.

I suspect there aren't many at all, and restricting them through
SELinux may be enough to mitigate the risk.

If SELinux isn't present, that's not useful. If mmap_min_addr is
enabled, that still won't solve what my original, utterly simple patch
fixes.

Would anybody paranoid run their system without SELinux?

The patch provides a no-impact, clean solution to prevent kmalloc(0)
situations from becoming a security hazard. Nothing else.

True, the changes in your patch only affect a few code paths.

--
All rights reversed.