Kernel Address Space Randomization


 



Hi all,
Sorry for the long mail. I have a question regarding the feasibility of the implementation
of an idea in the Linux kernel space. To protect against all forms of security attacks (buffer
overflow etc.) people have proposed and implemented address space randomization techniques
wherein the virtual addresses of the stack, heap, data etc. segments of a process are changed randomly
during the initialization of a process. This addresses the problems in the userspace quite
effectively. See http://csdl.computer.org/comp/proceedings/srds/2003/1955/00/19550260abs.htm
for more info.
I was just wondering if this could be extended to the kernel space as well? I know there
are a number of issues like limited virtual addresses in the kernel address space etc. Also
the possibility of security attacks in the kernel space may be very low. But is it possible to,
say, not use the first few kbytes of the space that the Buddy System manages?


Would greatly appreciate any info in this regard.

--
Rithin K Shetty
Graduate Student (Computer Science)
North Carolina State University
Raleigh, NC
Ph:  (919)834-6782
Homepage: http://www4.ncsu.edu/~rkshetty



--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/

