Linux Today: Linux News On Internet Time.

A Linux security story

Jul 17, 2009, 19:32
(Other stories by Steven J. Vaughan-Nichols)

[ Thanks to Steven J. Vaughan-Nichols for this link. ]

"But, and from a technical standpoint, this is where it gets interesting. The programmer's code that does this looks innocent. It is only after the gcc 'compiler takes this into its hands, while optimizing the code, the compiler will see that the variable has already been assigned and will actually remove the if block (the check if tun is NULL) completely from the resulting compiled code. In other words, the compiler will introduce the vulnerability to the binary code, which didn't exist in the source code. This will cause the kernel to try to read/write data from 0x00000000, which the attacker can map to userland - and this finally pwns the box.'"

"Scary, isn't it? You see, because it's working at such a low level, this vulnerability can be used to dodge around SELinux (Security Enhanced Linux), AppArmor and other Linux security programs."
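The pattern the excerpt describes, shown beside its corrected form. This is an added example, not code from the linked story or from the kernel; the struct names, function names and flag values are hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the driver's structures (assumed, not kernel code). */
struct sock_stub { unsigned int flags; };
struct tun_stub  { struct sock_stub *sk; };

#define POLL_ERR 0x8u   /* constructed flag values for the example */
#define POLL_OUT 0x4u

/* BEFORE: tun is dereferenced before it is checked. Since tun->sk has already
 * been evaluated, an optimizing compiler may assume tun != NULL and delete the
 * check below (GCC: -fdelete-null-pointer-checks). Never call this with NULL. */
unsigned int poll_deref_first(struct tun_stub *tun)
{
    struct sock_stub *sk = tun->sk;   /* dereference happens here */
    if (!tun)                         /* dead code from the optimizer's view */
        return POLL_ERR;
    return sk->flags | POLL_OUT;
}

/* AFTER: check first, dereference second. The check can no longer be proven
 * redundant, so it survives optimization. */
unsigned int poll_check_first(struct tun_stub *tun)
{
    struct sock_stub *sk;
    if (!tun)
        return POLL_ERR;
    sk = tun->sk;
    return sk->flags | POLL_OUT;
}

int main(void)
{
    struct sock_stub s = { 0x1u };    /* constructed sample state */
    struct tun_stub  t = { &s };

    printf("valid pointer, before: 0x%x\n", poll_deref_first(&t));
    printf("valid pointer, after:  0x%x\n", poll_check_first(&t));
    printf("NULL pointer,  after:  0x%x\n", poll_check_first(NULL));
    return 0;
}
```

Comparing the output of `gcc -O2 -S` for the two functions shows whether the compiler kept the check; building with `-fno-delete-null-pointer-checks` tells GCC not to make that assumption.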
