public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Ashby <ironicface@earthlink.net>
To: Linux Kernel list <linux-kernel@vger.kernel.org>
Subject: Module idea
Date: Mon, 09 Sep 2002 05:21:14 -0500	[thread overview]
Message-ID: <3D7C761A.7090806@earthlink.net> (raw)

Hi,

I had an idea to potentially improve security, and I think it
might be best implemented as a kernel module.

Since buffer problems are a common network (and other) security
risk, why not create a Buffer Manager (similar to PAM, in the 
authentication domain), to handle all buffer requests with the
outside world?

If the manager existed after the tcp/ip stack, and before any processes
needing buffer input, then it could store the whole data as returned
by the tcp/ip stack.

When a process requests a buffer, it asks by (net) address, and includes 
a buffer length. The buffer manager returns the appropriate amount of
data to the process, and then clears the address. The buffer manager
could also be set to log buffer overruns.

Have a good day/evening,

R. Ashby
ironicface -at- earthlink -dot- net


                 reply	other threads:[~2002-09-09 10:16 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3D7C761A.7090806@earthlink.net \
    --to=ironicface@earthlink.net \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox