Matthew Miller wrote: > > On Mon, Feb 11, 2008 at 06:00:14PM -0500, Ross S. W. Walker wrote: > > > > I wonder if any existing user-land utilities have hooks into > > > > vmsplice that may be able to be accessed via PHP, Perl, or CGI? > > > It's a system call. > > Yes, but conceivable an application can make use of such a system > > call since it is exploitable from user land and hence the concern. > > Well, the point is there's nothing wrong with the system call > *inherently*. > There's just a flaw in its implementation which a > carefully-crafted program > can exploit. A program which just happens to use the system > call as it is > intended to be used isn't any more dangerous than any other code. Sorry this thread keeps getting taken further out of context on each reply. Yes I understand there is nothing inherently wrong with the concept of the vmsplice() system call and it adds a lot of benefit to the Linux kernel. But if an application uses a system call, and that call to the system API depends on user input that isn't properly checking bounds, then said application can be used as a vector to system penetration. That is all I am saying and was asking if anybody knew if such a vector existed in any PHP, Perl or CGI module as it would be the most likely method of leveraging the flaw if one did not have a shell account on that machine. -Ross ______________________________________________________________________ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.