Bug not a bug


It’s been reported that most every flavor of BSD (including DragonFly) has a FireWire bug allowing a local user to dump all system memory by passing a negative value to an ioctl. This is reported as part of the Month of Kernel Bugs, though that project’s web page doesn’t list it.

Joerg Sonnenberger pointed out that it isn’t a problem on i386 systems, as copyout checks that the argument doesn’t intrude into userland or beyond address space.

Posted by     Categories: Goings-on     0 Comments
0 Comments on Bug not a bug

Respond | Trackback

Respond

Comments

Comments