* Module idea
@ 2002-09-09 10:21 Ashby
0 siblings, 0 replies; only message in thread
From: Ashby @ 2002-09-09 10:21 UTC (permalink / raw)
To: Linux Kernel list
Hi,
I had an idea to potentially improve security, and I think it
might be best implemented as a kernel module.
Since buffer problems are a common network (and other) security
risk, why not create a Buffer Manager (similar to PAM, in the
authentication domain), to handle all buffer requests with the
outside world?
If the manager existed after the tcp/ip stack, and before any processes
needing buffer input, then it could store the whole data as returned
by the tcp/ip stack.
When a process requests a buffer, it asks by (net) address, and includes
a buffer length. The buffer manager returns the appropriate amount of
data to the process, and then clears the address. The buffer manager
could also be set to log buffer overruns.
Have a good day/evening,
R. Ashby
ironicface -at- earthlink -dot- net
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2002-09-09 10:16 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-09-09 10:21 Module idea Ashby
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox