From: Rob Landley <rob@landley.net>
To: user-mode-linux-devel@lists.sourceforge.net
Cc: Jeff Dike <jdike@addtoit.com>
Subject: Re: [uml-devel] Blank process command lines in 2.6.13.2?
Date: Mon, 10 Oct 2005 18:30:22 -0500 [thread overview]
Message-ID: <200510101830.23167.rob@landley.net> (raw)
In-Reply-To: <20051010143615.GA3448@ccure.user-mode-linux.org>
On Monday 10 October 2005 09:36, Jeff Dike wrote:
> I think the worst case is skas3 with no stack randomization, where that
> page will point somewhere into the process stack. There is some slight
> possibility that something could store a password on its stack, and have
> that end up in the area that the host ps looks for arguments. This would
> make the password visible on the host for the time that this process in
> context.
I'm not so worried about sensitive info because in the parent kernel you can
just attach to the process from a debugger (although not necessarily as a
different, normal user). I'm actually slightly more concerned about high
ascii garbage or who knows what showing up and making ps look really weird.
> With stack randomization, the UML process stacks will be located
> elsewhere almost all the time, so with skas3, there is a smaller
> chance that there will be a visible password there.
>
> With skas0, that page is the stub signal stack, which contains no sensitive
> information.
Is there any way to move the stub signal stack on skas0 by one page so that we
can still have ps on the parent system look right? I don't know how hard
that is. (Is there a design document for -skas0 anywhere? I found
the /dev/anon page...)
Rob
-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
prev parent reply other threads:[~2005-10-10 23:30 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-09 21:23 [uml-devel] Blank process command lines in 2.6.13.2? Rob Landley
2005-10-10 2:06 ` Jeff Dike
2005-10-10 5:10 ` Rob Landley
2005-10-10 14:36 ` Jeff Dike
2005-10-10 23:30 ` Rob Landley [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200510101830.23167.rob@landley.net \
--to=rob@landley.net \
--cc=jdike@addtoit.com \
--cc=user-mode-linux-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.