Re: kern/39559 (veriexec(4): too easy to cause a NULL dereference through it in kernel)

[jnemeth%victoria.tc.ca@localhost (John Nemeth)]

The following reply was made to PR kern/39559; it has been noted by GNATS.

From: jnemeth%victoria.tc.ca@localhost (John Nemeth)
To: elad%netbsd.org@localhost
Cc: gnats-bugs%netbsd.org@localhost, xtraeme%gmail.com@localhost
Subject: Re: kern/39559 (veriexec(4): too easy to cause a NULL dereference 
through it in kernel)
Date: Sun, 14 Dec 2008 21:40:04 -0800

 On May 6,  8:23pm, "Elad Efrat" wrote:
 } On Mon, Dec 15, 2008 at 1:37 AM, John Nemeth 
<jnemeth%victoria.tc.ca@localhost> wrote:
 } > On Apr 1, 11:29am, elad%NetBSD.org@localhost wrote:
 } > }
 } > } Synopsis: veriexec(4): too easy to cause a NULL dereference through it 
in kernel
 } > }
 } > } State-Changed-From-To: open->closed
 } > } State-Changed-By: elad%NetBSD.org@localhost
 } > } State-Changed-When: Sun, 14 Dec 2008 23:21:35 +0000
 } > } State-Changed-Why:
 } > } Fixed, thanks for the report!
 } >
 } >     Does this need to be pulled up?
 } 
 } It does not pose a security risk to netbsd-5, because it requires root
 } privileges to trigger, but I can submit a pullup request if you (or
 
      That would still be a serious problem.  Part of the reason for
 things like securelevel and veriexec is to protect the system against
 root processes.  It would be nice to see 5.0 go out without any serious
 issues.  Realistically there will be some, but we should get rid of as
 many as is reasonably possible.
 
 } anyone) would like to see this fixed still. :)
 } (I figured I should not overload releng with stuff that isn't entirely 
crucial.)
 
      releng has been doing a good job of keeping on top of things.
 Currently there is only one ticket in the pullup queue which has been
 deliberately stalled.
 
 }-- End of excerpt from "Elad Efrat"