Theo de Raadt wrote:
[..]
>> privilege revocation/separation,
>
> split the kernel? huh?
Well, one could do it, but then you end up with a micro-kernel or at
least something that passes, and verifies, messages between the
components which run in separate subsystems. Having it compartmentali
> after reading the recent CORE advisory about the mbuf handling bug, I
> was wondering if some of OpenBSD's exploit mitigation strategies could
> also be applied to the kernel in order to prevent exploitation of kernel
> bugs. Theo's presentation about exploit mitigation (
> http://openbsd.org
Hi all,
after reading the recent CORE advisory about the mbuf handling bug, I
was wondering if some of OpenBSD's exploit mitigation strategies could
also be applied to the kernel in order to prevent exploitation of kernel
bugs. Theo's presentation about exploit mitigation (
http://openbsd.org
3 matches
Mail list logo
