[plug] Help needed - hackers/crackers and monolithic kernels

Cameron Patrick cameron at patrick.wattle.id.au
Fri Aug 5 12:28:18 WST 2005


Shayne O'Neill wrote:

> Truth be told, most of the kernel 'sploits are more to do with buffer
> smashes, locking shenanigans and other out-of-bound value type stuff.
> Something no design except good design can prevent.

Sure, but if you had the kernel code following the "principle of least
privilege" in the same way that most userland code {does, should do,
can be made to do} then a buffer smash in, say, the USB driver could
only affect USB devices, not give complete access to the whole
system.  Whether any popular micro-kernel design actually _does_ this
I have no idea.

Given that most recent Linux sploits that I know about have taken
advantage of things like system calls which didn't check their
arguments or bugs in interpreting the header fields of executables --
stuff which by its nature needs access to poke stuff into random bits
of system memory -- I'm not really sure how effective that kind of
kernel-level privilege separation would actually be.

Cameron.





More information about the plug mailing list