On Thu, 16 Oct 2003 18:28:15 -0400
David Gilbert <[EMAIL PROTECTED]> wrote:

> As you conjecture, a syscall-less or syscall-restricted environment
> *should* be safe ... if your syscall changes are bulletproof *_and_*
> the rest of the runtime environment is bulletproof.
Good system call policies are a WONDERFUL feature at a system
administrator's hands. There is no such thing as a syscall-less
environment but only a restricted (either at the same layer as the
system calls or above in terms of code path).

> Isn't a syscall required to finish off exit()?
Yes, consult kern_exit.c
How is this related to the discussion though? The fact is, most people
would not even want to TOUCH sys_exit and friends since there are no
real security advantages there. In otherwords, an exit system call
remains completely the same.

--
+-----------------------------------+
| Samy Al Bahra | [EMAIL PROTECTED] |
|-----------------------------------|
|     B3A7 F5BE B2AE 67B1 AC4B      |
|     0983 956D 1F4A AA54 47CB      |
|-----------------------------------|
|     http://www.kerneled.com       |
+-----------------------------------+

_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to