Moving Vulnerable Kernel Logic Into User Space
Loading...
Authors
Advisors
Journal Title
Journal ISSN
Volume Title
Repository Usage Stats
65
views
views
434
downloads
downloads
Abstract
Programs which run at ring zero are a security risk. Moving code into user space can mitigate this risk. As a demonstration, a simple kernel module with vulnerable logic was used as a control case. This module was capable of targeted data exfiltration from the kernel. It was shown that moving the application logic into user space decreased the severity of the vulnerability. Furthermore, rewriting the user space program in Guile – a very high-level language – removed the vulnerability entirely.
Type
Thesis