Lists

Open Menu Close Menu

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: IOKit KEXT Questions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IOKit KEXT Questions

Subject: Re: IOKit KEXT Questions
From: Ernesto Corvi <email@hidden>
Date: Thu, 16 Aug 2007 12:29:58 -0400

On Aug 15, 2007, at 7:24 PM, Terry Lambert wrote:

We hide system calls so someone unscrupulous does not overwrite their entry points with jump instructions to their own code, perhaps thinking that we do not change locking or other implementations details in software updates.

If you need to trap and/or prevent this type of operation for legitimate reasons, use kauth instead.

How is that going to prevent any unscrupulous people from hooking into the kernel? I'm baffled.

An unscrupulous person most likely doesn't care at all if his code runs with the next software update. By the time the next software update comes around, he already did his key-logging, ran his daemons and potentially completely compromised the system.

Do we *really* need to send a feature request to harden the security on the kernel and provide a truly authorized KPI for legitimate patches?

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


Follow-Ups:

Re: IOKit KEXT Questions
From: Terry Lambert <email@hidden>
Re: IOKit KEXT Questions
From: Amanda Walker <email@hidden>


References:  
  >IOKit KEXT Questions (From: Matt Burnett <email@hidden>)
  >Re: IOKit KEXT Questions (From: Terry Lambert <email@hidden>)




Prev by Date:
Re: Rereading A Partition Table

Next by Date:
Re: IOKit KEXT Questions

Previous by thread:
Re: IOKit KEXT Questions

Next by thread:
Re: IOKit KEXT Questions

Index(es):

Date
Thread