bzImage -> vmlinux?

Bennett Todd bet at rahul.net
Tue Jul 13 11:28:00 PDT 2004


2004-07-13T17:43:33 Ian Molton:
> It is not considered 'secure' for this version of zlib to handle
> userspace zlib needs, although I have never been quite sure *why* this
> is, as theres nothing stopping the kernel zib code being mapped
> *read-only* into userspace...

Just speculating, how about if the kernel zlib wasn't written to be
safely and robustly defensive in the face of corrupt inputs? What if
there were input strings (which would never be created by the make
bzImage process) that caused exploitable buffer overruns in in the
kernel's zlib?

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/lfs-chat/attachments/20040713/04d1a12b/attachment.sig>


More information about the lfs-chat mailing list