sendsys security issue

Eric Jacobs eric at theeric.com
Mon Nov 7 21:25:48 PST 2005


On Mon, 7 Nov 2005 19:50:13 -0800 (PST)
Matthew Dillon <dillon at xxxxxxxxxxxxxxxxxxxx> wrote:

> 
> :
> :
> :I am interested in understanding and possibly fixing the security issue
> :that seems to be a problem with using sendsys to send an asynchronous
> :request. Anyone have any info?
> :
> :Thanks,
> :-Eric
> 
>     Could you elaborate on this?  I don't know of any current security
>     issues with sendsys, unless you are refering the potential for memory
>     exhaustion.

I noticed the following comment in libcaps/sysport.c :

    /**
     * XXX this is a temporary hack until the kernel changes to implement
     * the desired asynchronous goals.
     *
     * The current asynchronous messaging systemcall interface that sendsys
     * uses has some potential security issues and is limited to use by the
     * superuser only.  Synchronous messages are allowed by anyone.  Sendsys
     * returns EPERM in the case where you are not the superuser but tried to
     * send an asynchonous message.
     *
     * If you are not the super user then the system call will be made again,
     * but without MSGF_ASYNC set.
     */

Is this no longer pertinent?

>  sendsys is currently not used for anything real.

But it will be, right? It should subsume (or nearly subsume) the old syscall trap?

-Eric





More information about the Kernel mailing list