On Thu, 16 Oct 2003 18:28:15 -0400 David Gilbert <[EMAIL PROTECTED]> wrote:
> As you conjecture, a syscall-less or syscall-restricted environment > *should* be safe ... if your syscall changes are bulletproof *_and_* > the rest of the runtime environment is bulletproof. Good system call policies are a WONDERFUL feature at a system administrator's hands. There is no such thing as a syscall-less environment but only a restricted (either at the same layer as the system calls or above in terms of code path). > Isn't a syscall required to finish off exit()? Yes, consult kern_exit.c How is this related to the discussion though? The fact is, most people would not even want to TOUCH sys_exit and friends since there are no real security advantages there. In otherwords, an exit system call remains completely the same. -- +-----------------------------------+ | Samy Al Bahra | [EMAIL PROTECTED] | |-----------------------------------| | B3A7 F5BE B2AE 67B1 AC4B | | 0983 956D 1F4A AA54 47CB | |-----------------------------------| | http://www.kerneled.com | +-----------------------------------+ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"