>What keeps the attacker from installing two syscalls, the first of which >pokes NOPs over the KASSERT code, and the second of which accepts too >many arguments? > >If you think we really need this bit of extra security, why not just >prevent the syscall with too many arguments from being registered by >syscall_register()? At least that keeps the check out of the most >frequently executed path.
This is not intended like a security check, just like a prevention against accidental buffer overflow (like my proof of concept). This is a quite simple concept, take care. rookie _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
