sendsys security issue

Joerg Sonnenberger joerg at britannica.bec.de
Tue Nov 8 01:22:52 PST 2005


On Mon, Nov 07, 2005 at 04:55:33PM -0600, Eric Jacobs wrote:
> 
> I am interested in understanding and possibly fixing the security issue
> that seems to be a problem with using sendsys to send an asynchronous
> request. Anyone have any info?

Other than the memory exhaustion Matt mentions, it is also about atomicy
of process context state. A lot of the kernel depends on the UID not
changing over time during a system call. sendsys breaks this and other
assumptions from the single syscall modell.

Joerg





More information about the Kernel mailing list