Re: LSM patch for Linux-2.4.20-8

From: Seth Arnold (sarnold@private)
Date: Thu Jan 20 2005 - 11:47:28 PST


On Thu, Jan 20, 2005 at 08:04:54PM +0530, Syed Ahemed wrote:
> Just a thought , Any specific reasons why isn't there a LSM module 
> that takes care of length checking of strings that cause buffer
> overflow ( hooks for strcpy or memcpy ) .?  Even 2.6 doesn't address
> this.

[Syed, please carefully trim your posts so that you quote only relevant
portions of earlier messages in your replies; thanks.]

The kernel doesn't care what language your userspace programs are
written in. The system call interface headers are all written in C,
but they could just as easily be native Ada, Fortran, Java, Assembly,
etc.. As a result, the kernel is not the location to try to solve design
flaws in popular implementation language runtime libraries.

(Besides, who really wants to call out to the kernel every time a
program wants to do something as mundane as copying a string?)

I hope this helps





This archive was generated by hypermail 2.1.3 : Thu Jan 20 2005 - 11:47:58 PST