|
|
Log in / Subscribe / Register

Linux 2.6.30 exploit posted

Linux 2.6.30 exploit posted

Posted Jul 20, 2009 12:40 UTC (Mon) by spender (guest, #23067)
In reply to: Linux 2.6.30 exploit posted by makomk
Parent article: Linux 2.6.30 exploit posted

Where's this documented behavior you talk about? Here's the documentation for it straight from the configuration help:

config SECURITY_DEFAULT_MMAP_MIN_ADDR
int "Low address space to protect from user allocation"
depends on SECURITY
default 0
help
This is the portion of low virtual memory which should be protected
from userspace allocation. Keeping a user from writing to low pages
can help reduce the impact of kernel NULL pointer bugs.

For most ia64, ppc64 and x86 users with lots of address space
a value of 65536 is reasonable and should cause no problems.
On arm and other archs it should not be higher than 32768.
Programs which use vm86 functionality would either need additional
permissions from either the LSM or the capabilities module or have
this protection disabled.

This value can be changed after boot using the
/proc/sys/vm/mmap_min_addr tunable.

Distros bother to set the /proc/sys/vm/mmap_min_addr. It mattered before when mmap_min_addr was bypassed via do_brk(). It matters now that everyone by default can bypass mmap_min_addr simply from having SELinux enabled.

-Brad

to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds