Navigation
Search
|
Removing syscall() from OpenBSD
Friday October 27, 2023. 05:31 PM , from LWN.net
For a view into the OpenBSD approach to security, see this message from
Theo de Raadt, where he describes a plan to remove the syscall() system call (which allows the invocation of any available system call by providing its number) from the kernel. The purpose, of course, is to make it harder for an attacker to invoke an arbitrary system call, even if they are able to run some code on the target system. I hope I am forcing attack coders into using increasingly more complicated methods. Same time, it means fewer methods are available. Other methods make exploitation more fragile. This is pushing success rates into 'low-percent statistical' success. If we teach more software stacks to 'fail hard, don't try to recover', that is an improvement in security.
https://lwn.net/Articles/949078/
|
25 sources
Current Date
May, Mon 6 - 02:36 CEST
|