Discussion:
The History of a Security Hole
David Solimano
2018-09-10 01:52:10 UTC
http://www.os2museum.com/wp/the-history-of-a-security-hole/
A while ago I was made aware of a strange problem causing a normal
user process running on 32-bit i386 OpenBSD 6.3 to crash the OS
(i386 only, not amd64). The problem turned out to be a security
hole with history that goes back more than three decades.
Yikes - learned about one of the finer points of the x86 architecture,
and maybe to trust OS developers a bit less.
--
David Solimano
***@solimano.org
Rich
2018-09-10 02:37:44 UTC
Post by David Solimano
http://www.os2museum.com/wp/the-history-of-a-security-hole/
A while ago I was made aware of a strange problem causing a normal
user process running on 32-bit i386 OpenBSD 6.3 to crash the OS
(i386 only, not amd64). The problem turned out to be a security
hole with history that goes back more than three decades.
Yikes - learned about one of the finer points of the x86 architecture,
and maybe to trust OS developers a bit less.
Well, in the OS developers' defense, the Intel documentation on the same
was scattered, incomplete, and confusing as well.

But, the OS developers get some of the blame with that comment that
implied the trailing struct was for software use when it was an item
used by the hardware (and therefore subject to the limitations of "the
hardware wants it to be exactly here and no other place").

So both sides get to take part of the 'blame' here.
