[grsec] Theo de Raadt's rant on Linux security
pageexec at freemail.hu
pageexec at freemail.hu
Thu Nov 5 16:32:41 EST 2009
On 5 Nov 2009 at 14:36, Pavel Labushev wrote:
> What I would like to know:
>
> When (how much years ago) PaX introduced the protection against
> exploitation of in-kernel NULL ptr dereference bugs?
did you read the info in spender's exploit? if something's missing,
let us know ;).
> And last but not least. Since there's no documentation available about
> kernel exploit mitigation in OpenBSD, could you, please, shed some light
> on what's done in OpenBSD, what's missing, and what is done wrong (?) in
> OpenBSD to protect against exploitation of kernel bugs?
that's be a question for them, i don't really follow what they're (not)
doing ;). from what i recall, there's no conscious effort to protect the
kernel against its own bugs, what they had was a sideeffect of uvm/malloc
features that they had anyway, regardless of any 'hardening' (or lack thereof).
More information about the grsecurity
mailing list