From: "H. Peter Anvin" <hpa@zytor.com>
To: linux-kernel@vger.kernel.org
Subject: Re: [2.6] The List, pass #2
Date: 12 Aug 2002 22:27:43 -0700 [thread overview]
Message-ID: <aja5cf$5po$1@cesium.transmeta.com> (raw)
In-Reply-To: 3D5233BC.96ABDF73@aitel.hist.no
Followup to: <3D5233BC.96ABDF73@aitel.hist.no>
By author: Helge Hafting <helgehaf@aitel.hist.no>
In newsgroup: linux.dev.kernel
> >
> > Why *safer*? Partition (,DHCP,..) code is ran once at boot. It is hard for
> > it to harm security.
>
> I wouldn't worry about partition detection, but network stuff
> is always risky. A "bad guy" could listen for DHCP
> and try to fake a response or do a buffer overflow.
>
> Userspace programs are supposedly easier to fix, and a
> messed-up userspace isn't quite as bad as a messed up kernel
> when an attacker tries to get in.
>
Perhaps more relevantly:
a) User-space code is easier to write; consider memory management in
particular.
b) If the user-space process has gotten compromised or corrupted, it
still goes away when it exits. In the kernel, any corruption stays
around forever.
-hpa
--
<hpa@transmeta.com> at work, <hpa@zytor.com> in private!
"Unix gives you enough rope to shoot yourself in the foot."
http://www.zytor.com/~hpa/puzzle.txt <amsp@zytor.com>
next prev parent reply other threads:[~2002-08-13 5:24 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-07-19 4:47 [2.6] The List, pass #2 Guillaume Boissiere
2002-07-19 5:08 ` Karim Yaghmour
2002-07-19 12:41 ` mbs
2002-07-19 13:16 ` jlnance
2002-07-20 7:28 ` Bruce Harada
2002-07-28 10:47 ` Aaron Lehmann
2002-07-31 17:43 ` Bill Davidsen
2002-07-31 17:58 ` Christoph Hellwig
2002-07-31 18:54 ` Bill Davidsen
2002-07-31 20:20 ` Trond Myklebust
2002-07-31 20:23 ` Christoph Hellwig
2002-07-31 20:24 ` Christoph Hellwig
2002-07-31 20:34 ` Trond Myklebust
2002-08-01 0:31 ` Alan Cox
2002-07-31 23:42 ` J. Bruce Fields
2002-08-01 9:33 ` David Schwartz
2002-08-01 13:42 ` Alan Cox
2002-08-01 15:39 ` J. Bruce Fields
2002-07-31 22:04 ` David Lang
2002-08-01 9:33 ` Helge Hafting
2002-08-03 3:40 ` Pavel Machek
2002-08-08 9:02 ` Helge Hafting
2002-08-13 3:00 ` Bill Davidsen
2002-08-13 5:27 ` H. Peter Anvin [this message]
2002-08-01 0:34 ` Neil Brown
2002-08-01 1:56 ` Albert D. Cahalan
2002-08-01 2:30 ` Roland Dreier
2002-08-01 3:25 ` Albert D. Cahalan
2002-08-01 4:05 ` Roland Dreier
2002-08-01 5:08 ` Linus Torvalds
2002-08-01 6:10 ` Austin Gonyou
2002-08-05 7:29 ` Rob Landley
2002-08-01 18:45 ` Ben Greear
2002-08-01 14:12 ` Alan Cox
2002-08-09 2:30 ` Alan Cox
-- strict thread matches above, loose matches on Subject: below --
2002-08-07 17:11 Matt_Domsch
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='aja5cf$5po$1@cesium.transmeta.com' \
--to=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox