Casper Dik says: > >> Name a couple for us then. I personally have seen only one security > >> hole in a kernel in the past several years -- the division bug under > >> older SunOS. Virtually every alert is related to a program thats > >> setuid root, or that is needlessly running with root privileges (like > >> sendmail). > > A number of SunOS ones: divide by zero, imul, idiv emulation (two > seperate bugs), PTRACE_ATACH (in SunOS 4.0.x). There was some bug > in early Solaris versions inwindow underflow/overflow traps too > (unconfirmed). There are also ones reported in V6 or V7 unix. Compare this to the almost weekly reports of security bugs at user level, and I believe my point is proven. Kernel security bugs show up maybe once every year or two -- none that I know of has appeared in 4.1.X SunOS, and its been running for several years now. Just looking at SunOS, there have been three sendmail bugs, some rdist bugs, some bugs with SUID LD_LIBRARY_PATH handling, etc, etc. One shows up every few months. I agree that one must keep track of the bugs out there, BUT if one is running a public access system that one expects to be regularly attacked, its probably better to make the system inherently safe by removing the places that security bugs could crop up. Perry