site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com On Jun 18, 2007, at 04:38 , Mo McRoberts wrote: Hi Alexei, Many thanks for the pointer (no pun intended). Justin -- Justin C. Walker, Curmudgeon at Large Institute for the Absorption of Federal Funds ----------- I'm beginning to like the cut of his jibberish. ----------- _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... A Google search for "Mac OS X system call emulation" leads to http://docs.info.apple.com/article.html?artnum=301327 ("About the security content of the Mac OS X 10.3.9 Update"): "The kernel contains syscall emulation functionality that is not used in Mac OS X. Insufficient validation of an input parameter list could result in a heap overflow and a local denial of service through a kernel panic. The issue is addressed by removing the syscall emulation functionality." I'm not entirely sure how I missed that! I possibly focussed too much on Darwin/XNU rather than Mac OS X, though. Lesson learned for the future, I think. I'm not sure what you mean here. The removed code was in XNU (osfmk/ kern/syscall_emulation.c, in source trees prior to 10.3.9). Glancing at the Darwin sources confirm that the syscall emulation code was removed between 10.3.8 and 10.3.9. That's a bit of a shame, really. Strikes me somewhat as akin to amputating an arm because a little finger's been broken, but then ours is not to reason why. I think it's more akin to removing an appendix to avoid serious death :-}. It was not being used and it was a security problem. This email sent to site_archiver@lists.apple.com