bzImage -> vmlinux?

Bennett Todd bet at rahul.net
Tue Jul 13 19:20:56 PDT 2004


2004-07-14T01:33:55 Ian Molton:
> Bennett Todd:
> > Just speculating, how about if the kernel zlib wasn't written to be
> > safely and robustly defensive in the face of corrupt inputs? What if
> > there were input strings (which would never be created by the make
> > bzImage process) that caused exploitable buffer overruns in in the
> > kernel's zlib?
> 
> If entered in kernel context, its not good.
> 
> but if the pages were mapped read only to userspace, it would work fine as it would all be executing in user context.

I see it not as a question of context --- overrunning buffers is bad
wherever you do it.

I see it as a question of control of inputs.

The kernel decompresser can reasonably be expected not to be fed
input from a random attacker.

Userspace zlib, on the other hand, uncompresses files that were
compressed by random strangers; it's invoked for web pages without
your consultation or involvement in any way, for instance.

You might be careful with exactly what you do with the contents, but
you don't expect the simple act of unpacking a tar.gz to allow the
person who packed it to run arbitrary code on your system.

I don't _know_ that this is the issue, but you said something about
you didn't see why it could make a difference, so I was offering
possible ways.

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/lfs-chat/attachments/20040714/3f6a428c/attachment.sig>


More information about the lfs-chat mailing list