First page Back Continue Last page Summary Graphics

Long-term solution


Obviously, that is a non-optimal solution. It's bad from a security standpoint because it's unnecessarily complex and if any mistakes were made, they could be exploitable holes.
I consider the long-term solution to this to be moving the UML into a completly different address space from its processes.
This would completely solve UML's security problems because processes would not even be able to form a kernel address, so they would not be able to request that kernel data be modified.
This would also solve a problem with the current arrangement that UML is detectable by a process looking for strange data in the upper reaches of its address space. It may not be writeable, but it is certainly detectable. Even if it could be unmapped totally, there would still be a mysterious hole there that would be the signature of being in a UML.