First page Back Continue Last page Summary Graphics
Long-term solution
That sucks
Ultimate solution - put UML kernel in different address space
Many problems vanish
- UML totally undetectable
- can't probe upper addresses to test for honeypot
Notes:
Obviously, that is a non-optimal solution. It's bad from a security standpoint because it's unnecessarily complex and if any mistakes were made, they could be exploitable holes.
I consider the long-term solution to this to be moving the UML into a completly different address space from its processes.
This would completely solve UML's security problems because processes would not even be able to form a kernel address, so they would not be able to request that kernel data be modified.
This would also solve a problem with the current arrangement that UML is detectable by a process looking for strange data in the upper reaches of its address space. It may not be writeable, but it is certainly detectable. Even if it could be unmapped totally, there would still be a mysterious hole there that would be the signature of being in a UML.