[rsbac] Fwd: Re: Will 2.4.20 Source be patched for the latest kernel vulnerability?

Amon Ott ao at rsbac.org
Tue Dec 2 14:45:08 CET 2003


On Tuesday, 2 December 2003 14:27, Dmitry V. Levin wrote:
> On Tue, Dec 02, 2003 at 02:15:58PM +0100, Amon Ott wrote:
> > Just found a workaround for the 2.4 sys_brk bug. It seems sufficient to limit
> > the address space to max. 2GB, e.g. using RSBAC RES module:
> 
> No, it is not sufficient, sorry.
> 
> There is nothing in RSBAC which prevents the binary from being linked at a higher
> address, right?

Nothing helps but fixing the kernel bug, see my latest posting. I fear none 
of the existing kernel security extensions can limit this bug's effects.

All of you certainly know that RSBAC, like the other kernel extensions, must 
rely on the kernel's correct implementation. Once you enter kernel space, 
there is no more security - this is a major disadvantage of its monolithic 
design.

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22


