Dave wrote:
> User: CallService DestroyFileSystem <victim's partition>
> OS: Sorry, no such service.
> User: CallService 227
> OS: Sorry, no such service.
> User: CallService 226
> 226> OpenForWrite <victim's filename>
> Sorry, you don't have permission to write to someone else's files.
> 226> PokeMemory <some address>
> Sorry, service 226 has no such command.
> 226> SaveThisData <very long string>
> Sorry, your data exceeds the size of my buffer.
> 226>

You've just described the essence of the unix system call API. The only
difference is that since using a syscall each time to access memory would
be very slow, syscalls are instead used to set up memory regions, which
are protected by the processor's MMU and which processes cannot write
outside of.

cat /proc/self/maps

Any API of this sort is still vulnerable to bugs in the validation of the
data and commands though, such as the lack of bounds checking in the brk()
hole. It's also vulnerable to bugs in the processor, such as the old Intel
f00f bug.

-- 
see shy jo
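An added illustration of the point above (this is not code from the post or from the list): one mmap()/mprotect() syscall sets up a region, and after that the MMU, not a per-access check, decides whether a store is allowed. It assumes a Linux/POSIX system; the function names demo() and try_write() are mine.

```c
/* Added illustration (not code from the post): one mmap()/mprotect() call
 * sets up a region, and from then on the MMU, not a per-access syscall,
 * decides whether a store is allowed. Linux/POSIX only. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_env;

/* The MMU traps the bad store, the kernel delivers SIGSEGV, and we jump
 * back out of the handler so the experiment can report instead of dying. */
static void on_segv(int sig) { (void)sig; siglongjmp(fault_env, 1); }

/* Attempt a one-byte store at p. Returns 1 if the hardware allowed it,
 * 0 if page protection refused it. */
static int try_write(volatile char *p) {
    struct sigaction sa, old;
    int ok = 0;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_segv;
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(fault_env, 1) == 0) {
        *p = 'x';            /* either lands or faults */
        ok = 1;
    }
    sigaction(SIGSEGV, &old, NULL);
    return ok;
}

/* Returns 1 when the region was writable after mmap() and refused after
 * mprotect() made it read-only; -1 if the kernel declined the mapping. */
int demo(void) {
    long pg = sysconf(_SC_PAGESIZE);
    char *region = mmap(NULL, (size_t)pg, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED) return -1;
    int writable = try_write(region);           /* expected: 1 */
    mprotect(region, (size_t)pg, PROT_READ);    /* "this region is read-only" */
    int after_ro = try_write(region);           /* expected: 0 */
    munmap(region, (size_t)pg);
    return writable && !after_ro;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```

Running `cat /proc/self/maps` from inside such a process between the two try_write() calls would show the region's flags change from rw-p to r--p, which is the kernel-side record of what the MMU is enforcing.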