Subject: Re: bad effect of keeping page table mapped in user space ?
To: Steven M. Bellovin <email@example.com>
From: Manuel Bouyer <firstname.lastname@example.org>
Date: 11/27/2007 10:13:02
On Tue, Nov 27, 2007 at 01:21:30AM +0000, Steven M. Bellovin wrote:
> On Tue, 27 Nov 2007 00:35:46 +0100
> Manuel Bouyer <email@example.com> wrote:
> > Hi,
> > can anyone see a bad side effect or security issue of having a
> > process's page table mapped in the process's VM space ?
> What is in the page table entries? Can a user process overwrite them?
> In particular, can a user process change which physical addresses are
> referred to by arbitrary virtual addresses? If so, there's a very
> serious security issue.
No, or course the page table are mapped read-only (I didn't make it
clear in my mail, sorry)
Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr
NetBSD: 26 ans d'experience feront toujours la difference