Pavel Machek <pavel@private> wrote on 05/25/2005 11:06:01 AM: > > > > If I understand you, then you are claiming that steps (ii) to (v) > > introduce buffer overflows in bash or show_etc_issue. How? > > No, I'm not claiming that. You are certainly *not* introducing any new > problems. > > But some problems that used to be harmless (buffer overrun in > show_etc_issue command) are not harmless any more. > Pavel How is a buffer overrun in a script/application less "harmless" with IMA? Please be specific. Preliminary IMA patches are out on the mailing lists. The only thing that IMA does with respect to existing known buffer overruns is that it enables remote parties to know that there is an application with a known buffer overrun if this application/script was measured. Such information is sensitive and this is one reason why direct access to the measurements are restricted to authorized/trusted parties. Thanks Reiner
This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 08:33:39 PDT