Re: [2.6] The List, pass #2

H. Peter Anvin (hpa@zytor.com)
12 Aug 2002 22:27:43 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andreas Dilger: "Re: [patch 1/21] random fixes"
Previous message: Andrew Morton: "Re: [patch 1/21] random fixes"

Followup to: <3D5233BC.96ABDF73@aitel.hist.no>
By author: Helge Hafting <helgehaf@aitel.hist.no>
In newsgroup: linux.dev.kernel
> >
> > Why *safer*? Partition (,DHCP,..) code is ran once at boot. It is hard for
> > it to harm security.
>
> I wouldn't worry about partition detection, but network stuff
> is always risky. A "bad guy" could listen for DHCP
> and try to fake a response or do a buffer overflow.
>
> Userspace programs are supposedly easier to fix, and a
> messed-up userspace isn't quite as bad as a messed up kernel
> when an attacker tries to get in.
>

Perhaps more relevantly:

a) User-space code is easier to write; consider memory management in
particular.

b) If the user-space process has gotten compromised or corrupted, it
still goes away when it exits. In the kernel, any corruption stays
around forever.

-hpa

-- 
<hpa@transmeta.com> at work, <hpa@zytor.com> in private!
"Unix gives you enough rope to shoot yourself in the foot."
http://www.zytor.com/~hpa/puzzle.txt	<amsp@zytor.com>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Andreas Dilger: "Re: [patch 1/21] random fixes"
Previous message: Andrew Morton: "Re: [patch 1/21] random fixes"