On Wed, Nov 4, 2009 at 4:14 PM, Todd T. Fries <[email protected]> wrote:
> Penned by Justin Smith on 20091104 15:45.33, we have:
> | Theo wrote:
> |
> | > For the record, this particular problem was resolved in OpenBSD a
> | > while back, in 2008.
> |
> | Nice, but:
> |
> | "Since 2.6.23, it has been possible to prevent applications from
> | mapping low pages (to prevent null pointer dereferencing in the
> | kernel) via the /proc/sys/vm/mmap_min_addr sysctl, which sets the
> | minimum address allowed for such mappings."
> |
> | 2.6.23 released:  Tue, 9 Oct 2007
> |
> | Ref:
> | http://lkml.org/lkml/2007/10/9/241
> | http://james-morris.livejournal.com/26303.html
> |
> | --
> | JS
>
> And now we get into the fun stuff.
>
> Ever heard of 'secure by default'?
>
> This knob is set to '0' by default.
>
> How many Linux installations actually read the above paragraph, understood
> what value it could have to set it to something other than zero, and changed
> it accordingly?
>
> 'Nuff said.


"By default, Ubuntu 8.04 and later with a non-zero
/proc/sys/vm/mmap_min_addr setting were not vulnerable."

Ubuntu 8.04 was released in April 2008.


--
JS
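
The default-versus-configured point argued in this thread can be checked on a given host. The following is an added example, not part of any message above: it compares the running `vm.mmap_min_addr` with the value persisted in sysctl configuration files. The function names, the file names and the sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit vm.mmap_min_addr (running value vs. persisted config).

# Print the last vm.mmap_min_addr assigned in the given sysctl config files
# (later files and lines win); prints nothing if it is never set.
persisted_min_addr() {
    for f in "$@"; do
        if [ -r "$f" ]; then cat "$f"; fi
    done | awk -F= '
        /^[ \t]*[#;]/ { next }            # skip comment lines
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            sub(/^-/, "", key)            # "-key" form
            gsub("/", ".", key)           # vm/mmap_min_addr form
            if (key == "vm.mmap_min_addr") last = val
        }
        END { if (last != "") print last }'
}

# 0 means page zero can be mapped; any other number sets a floor.
classify_min_addr() {
    case "$1" in
        ''|*[!0-9]*) echo "unknown" ;;
        *) if [ "$1" -eq 0 ]; then echo "unprotected"; else echo "protected"; fi ;;
    esac
}

# $1 = running value, $2 = persisted value (empty if not set in any file).
audit_min_addr() {
    run=$(classify_min_addr "$1"); per=$(classify_min_addr "$2")
    if [ "$run" = "unprotected" ]; then echo "FAIL: running value is 0"
    elif [ "$run" = "unknown" ]; then echo "UNKNOWN: cannot read running value"
    elif [ "$per" = "unprotected" ]; then echo "WARN: config sets 0 at next boot"
    elif [ "$per" = "unknown" ]; then echo "WARN: protected now, not persisted"
    else echo "OK: $1 running, $2 persisted"
    fi
}

# Constructed sample config files (values are illustrative, not from the thread).
demo_dir=$(mktemp -d)
printf '# base\nvm.mmap_min_addr = 0\n' > "$demo_dir/10-base.conf"
printf 'vm/mmap_min_addr=65536\n' > "$demo_dir/99-local.conf"
persisted=$(persisted_min_addr "$demo_dir"/*.conf)
running=$(cat /proc/sys/vm/mmap_min_addr 2>/dev/null || true)
audit_min_addr "$running" "$persisted"
rm -rf "$demo_dir"
```

On a real host, pass the actual sysctl configuration files in the order the system loads them instead of the constructed ones.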
