[kwlug-disc] System security
Mikalai Birukou
mb at 3nsoft.com
Tue Sep 13 09:57:19 EDT 2022
Over yesterday's animated discussion, for which I am deeply thankful,
the following was voiced, and it feels important to elaborate on.

Processes/applications should not be allowed to "stick their fingers"
into other processes' or the system/kernel's memory.
All those "overflow and jump" depend on the ability to mangle the memory
of other processes.
Virtualization as a security measure is mostly placing memory barriers.
DefCon loves talks about escapes from a VM's memory. All those Rowhammer,
Meltdown and Spectre type bugs are about looking at and messing with
others' memory.

Is this a correct overall view?
If so, can we say that it is a paramount feature of a system to ensure
memory boundaries between processes?

The second aspect is what capabilities/permissions are given to
processes, and whether the user can control them. A flashlight program
shouldn't get to read my tax returns. Memory enforcement keeps snakes
separated. Capabilities/permissions let the user adjust each snake's
compartment. But without memory enforcement, capabilities/permissions
can sooner or later be overcome.

Is this second statement correct?
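The memory-boundary point the post raises can be made concrete with a small demonstration. The following C program is an added example for this thread, not code from the original message or from any project it mentions; it assumes a POSIX/Linux system with mmap(), fork() and waitpid(). After fork(), parent and child share the same virtual addresses but, for a private mapping, write to different physical pages, so the child's write is invisible to the parent; only an explicitly shared mapping lets the child's write through; and a stray write to an unmapped page kills the child with SIGSEGV while the parent keeps running. That is the "memory enforcement" the post describes: isolation is the default, and sharing has to be asked for.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Map one int, fork, let the child write a marker into it, and report
 * whether the parent observes that write (1) or not (0). `flags` is
 * MAP_PRIVATE (copy-on-write, isolated) or MAP_SHARED (explicit sharing).
 * Returns -1 on a setup failure. */
static int child_write_visible(int flags)
{
    volatile int *cell = mmap(NULL, sizeof *cell, PROT_READ | PROT_WRITE,
                              flags | MAP_ANONYMOUS, -1, 0);
    if (cell == MAP_FAILED) {
        perror("mmap");
        return -1;
    }
    *cell = 0;

    pid_t pid = fork();
    if (pid < 0) {
        perror("fork");
        munmap((void *)cell, sizeof *cell);
        return -1;
    }
    if (pid == 0) {
        *cell = 42;   /* child: same virtual address, writes the marker */
        _exit(0);
    }

    int status;
    if (waitpid(pid, &status, 0) < 0) {
        perror("waitpid");
        munmap((void *)cell, sizeof *cell);
        return -1;
    }
    int seen = (*cell == 42);
    munmap((void *)cell, sizeof *cell);
    return seen;
}

/* Private (copy-on-write) mapping: the child's write stays in the child. */
int private_mapping_shows_child_write(void)
{
    return child_write_visible(MAP_PRIVATE);
}

/* Shared mapping: sharing was requested explicitly, so the write is seen. */
int shared_mapping_shows_child_write(void)
{
    return child_write_visible(MAP_SHARED);
}

/* Fork a child that writes to a page it has just unmapped. The MMU stops
 * the access and the kernel delivers SIGSEGV to the child only. Returns 1
 * when the child died of SIGSEGV and the parent is still here to say so. */
int stray_write_is_contained(void)
{
    pid_t pid = fork();
    if (pid < 0) {
        perror("fork");
        return -1;
    }
    if (pid == 0) {
        volatile int *page = mmap(NULL, sizeof *page, PROT_READ | PROT_WRITE,
                                  MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (page == MAP_FAILED)
            _exit(2);
        munmap((void *)page, sizeof *page);
        *page = 1;    /* write to an unmapped page: fault, not corruption */
        _exit(3);     /* not reached if the boundary is enforced */
    }

    int status;
    if (waitpid(pid, &status, 0) < 0) {
        perror("waitpid");
        return -1;
    }
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV;
}

int main(void)
{
    printf("private mapping, child write visible to parent: %d\n",
           private_mapping_shows_child_write());
    printf("shared mapping,  child write visible to parent: %d\n",
           shared_mapping_shows_child_write());
    printf("stray write killed only the child with SIGSEGV: %d\n",
           stray_write_is_contained());
    return 0;
}
```

Compile with `cc -Wall demo.c -o demo` and run it; the first line prints 0, the other two print 1. Rowhammer, Meltdown and Spectre matter precisely because they get around the boundary this program relies on, from below the page-table level rather than through it.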