And btw, one can easily do a DOS with memory allocations. Just alloc
large enough amount of memory (but not so large that it would trigger
OOM-killer) and then constantly write over it. Device is frozen swapping
until the process is killed.
As to LD_PRELOAD and ptrace(), former doesn't catch syscalls done directly
in ASM and AFAIK ptrace is racy (if I remember correctly, this was
mentioned in the discussions about utrace).
Regarding things like Flash. Until that can be secured, this doesn't
really do browser any safer for the normal users. Most of the content on
web that non-technical people use and are interested uses Flash in some
way. Especially for media delivery. What's the point of securing a mouse
hole if the barn doors are wide open?
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds