On Tue, Sep 18, 2012 at 5:48 PM, comex <comexk@gmail.com> wrote:

On Tue, Sep 18, 2012 at 5:22 PM, Jean Suisse <jean.lists@gmail.com> wrote: That's not sufficient: for an attacker to even know the value of the heap pointer compromises KASLR

Er, and that's assuming that "only the kernel can write to the structure" means that only kernel-originated requests can modify or delete the structure. If user requests are allowed to modify it, as you said in your original message, it's pretty much an immediate game over. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.... This email sent to site_archiver@lists.apple.com