[ Home | Liste | F.A.Q. | Risorse | Cerca... ]


[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]


Archivio: mlangel@sikurezza.org
Soggetto: Re: Angel bypass
Mittente: Angelo Dell'Aera
Data: 24 Feb 2004 14:35:46 -0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 24 Feb 2004 13:09:22 +0100
Daniele Bellucci <bellucda@xxxxxxxxxx> wrote:

>My idea is as following:
>let's  say you're  attempting  to access  through  /dev/kmem a  given
>address 'x' if  'x' fall inside an I/O memory  region (ex: the memory
>region owned by a video card) you say ok!
>
>but if  'x' doesn't fall  in any I/O  memory region it _could  be_ an
>attempt to address  a kernel data structure, so  you say:" Stop, goes
>with your business"
>
>you  can  check if  'x'  falls  in any  I/O  memory  region by  using
>check_resource (IIRC)

Daniele,
we already talked about it and I have to say I definitevely agree with
this approach. IMHO it is sane and well-thought and maybe not too hard
to code... and we like this last thing! :)

Regards.

- --

Angelo Dell'Aera 'buffer' 
Antifork Research, Inc.	  	http://buffer.antifork.org

PGP information in e-mail header


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAO2D2pONIzxnBXKIRAgn/AKC3Fs3F8dN4rqHOrJRlJs24iu6viQCfSnj0
1NWB4jIMW62QRurZgpQEXiI=
=v5jx
-----END PGP SIGNATURE-----

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List




[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005