Subject: Re: fstat syscalls buggy in -current ?
To: David Laight <david@l8s.co.uk>
From: Bill Studenmund <wrstuden@netbsd.org>
List: current-users
Date: 05/15/2002 13:23:52

On Wed, 15 May 2002, David Laight wrote:

> On Wed, May 15, 2002 at 12:44:52PM -0700, Bill Studenmund wrote:
> > Probably. i386 has a shared-address space; the kernel is mapped into the
> > top of each process's address space. So the addresses were valid, and
> > vmware probably ignored the not-user-space check.
>
> In that case it is particularly broken!
> Definitely a serious security problem.....

Not necessarily, but maybe. The problem here is the kernel happily reading
from or writing to kernel pages with code that should complain. To be a
security problem, user code would need to be able to read/write kernel
pages. That's a different problem, which isn't part of this thread so far.

Take care,

Bill