Re: [uml-devel] Blank process command lines in 2.6.13.2?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jeff Dike <jdike@addtoit.com>
To: Rob Landley <rob@landley.net>
Cc: user-mode-linux-devel@lists.sourceforge.net
Subject: Re: [uml-devel] Blank process command lines in 2.6.13.2?
Date: Mon, 10 Oct 2005 10:36:15 -0400	[thread overview]
Message-ID: <20051010143615.GA3448@ccure.user-mode-linux.org> (raw)
In-Reply-To: <200510100010.10951.rob@landley.net>

On Mon, Oct 10, 2005 at 12:10:10AM -0500, Rob Landley wrote:
> Any likelihood that at some point in the future it could accidentally point to 
> something it would be a bad idea to display?

I think the worst case is skas3 with no stack randomization, where that
page will point somewhere into the process stack.  There is some slight 
possibility that something could store a password on its stack, and have that
end up in the area that the host ps looks for arguments.  This would make the
password visible on the host for the time that this process in context.

With stack randomization, the UML process stacks will be located
elsewhere almost all the time, so with skas3, there is a smaller
chance that there will be a visible password there.

With skas0, that page is the stub signal stack, which contains no sensitive
information.

				Jeff

-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

next prev parent reply	other threads:[~2005-10-10 14:43 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-10-09 21:23 [uml-devel] Blank process command lines in 2.6.13.2? Rob Landley
2005-10-10  2:06 ` Jeff Dike
2005-10-10  5:10   ` Rob Landley
2005-10-10 14:36     ` Jeff Dike [this message]
2005-10-10 23:30       ` Rob Landley

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20051010143615.GA3448@ccure.user-mode-linux.org \
    --to=jdike@addtoit.com \
    --cc=rob@landley.net \
    --cc=user-mode-linux-devel@lists.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.