From: Dave Korn (dave.korn artimi.com)
Date: Tue Mar 06 2007 - 08:34:39 CST
On 05 March 2007 14:51, Michal Zalewski wrote:
> On Mon, 5 Mar 2007, Michal Zalewski wrote:
>
>> The flaw is caused by a missing check that allows you to gain access to
>> the first physical page of memory, which you can then read or write.
>
> And yeah, that's incorrect. I misread the exploit; it indeed relies on
> planting readable 0x0000000 in process memory for the kernel to tap into.

So why doesn't Linux do like 'doze does, and permanently map a guard page at
0x0 in all user-spaces?

cheers,
DaveK
--
Can't think of a witty .sigline today....
_______________________________________________
Dailydave mailing list
Dailydave lists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave