Linux could be changed to prevent a whole class of potential future page cache exploits.
'/usr/bin/su' and '/bin/su would never be in the memory cache at all ... by default ... except in systems that run entirely in memory.
Perhaps suid binaries should have special sandboxing for forcing them to be read from protected media into sandboxed memory addresses.
Maybe that would be a tougher nut to crack?
#Linux #Fragnesia #DirtyFrag #CyberSecurity #Exploits
Post
Replies:
0
No replies yet
Be the first to share your thoughts.
