Re: Task emulation vectors
Re: Task emulation vectors
- Subject: Re: Task emulation vectors
- From: "Justin C. Walker" <email@hidden>
- Date: Mon, 18 Jun 2007 09:05:46 -0700
On Jun 18, 2007, at 04:38 , Mo McRoberts wrote:
Hi Alexei,
Many thanks for the pointer (no pun intended).
A Google search for "Mac OS X system call emulation" leads to
http://docs.info.apple.com/article.html?artnum=301327 ("About the
security content of the Mac OS X 10.3.9 Update"):
"The kernel contains syscall emulation functionality that is not
used in Mac OS X. Insufficient validation of an input parameter
list could result in a heap overflow and a local denial of service
through a kernel panic. The issue is addressed by removing the
syscall emulation functionality."
I'm not entirely sure how I missed that! I possibly focussed too
much on Darwin/XNU rather than Mac OS X, though. Lesson learned for
the future, I think.
I'm not sure what you mean here. The removed code was in XNU (osfmk/
kern/syscall_emulation.c, in source trees prior to 10.3.9).
Glancing at the Darwin sources confirm that the syscall emulation
code was removed between 10.3.8 and 10.3.9.
That's a bit of a shame, really. Strikes me somewhat as akin to
amputating an arm because a little finger's been broken, but then
ours is not to reason why.
I think it's more akin to removing an appendix to avoid serious
death :-}. It was not being used and it was a security problem.
Justin
--
Justin C. Walker, Curmudgeon at Large
Institute for the Absorption of Federal Funds
-----------
I'm beginning to like the cut of his jibberish.
-----------
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden