LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-15-2012, 05:33 PM   #1
WinonuX
LQ Newbie
 
Registered: Nov 2012
Distribution: Fedora, Debian, Slackware
Posts: 5

Rep: Reputation: Disabled
Question Is SIGSEGV a security feature against malware?


Hi everyone

I've been studying about Linux security features recently and after that I came up with this question:

Is SIGSEGV (Segmentation Violation Signal) a security feature against malware? Or it's just a way to control processes?

Any help is appreciated.
 
Old 11-15-2012, 07:37 PM   #2
linosaurusroot
Member
 
Registered: Oct 2012
Distribution: OpenSuSE,RHEL,Fedora,OpenBSD
Posts: 761
Blog Entries: 2

Rep: Reputation: 197Reputation: 197
No. When computers started serving multiple users the main protection idea was that you needed to protect one user's work from another user, and you needed to protect the system itself from all the users. And you needed to organise memory and have ways to address it.

Segmentation got involved in memory addressing and a segmentation fault happens when a process tries to use memory not available to it. Malware sometimes gets caught by this accidentally but it's not really a malware defence.

In fact to defend against malware which interferes with the operation of your processes (already running as you, with all the access that gives them) we need a new approach to OS permissioning, and application permissioning and even some sort of permissioning internal to programs that we haven't really got now.

Apparmor and the like are a start; access control depends not only on the user account but also on the program that's running.

The OLPC has a great description of the problem. http://wiki.laptop.org/go/OLPC_Bitfrost#Foreword

The object-capability model is good (and shouldn't be much more work than OO programmimg that people already do) ... but when you do capabilities today the hardware isn't really able to support them. To do good security we're probably going to get better hardware or keep going round in circles.
http://queue.acm.org/detail_video.cfm?id=2382552
http://www.nytimes.com/2012/10/30/sc...ter-at-80.html
 
Old 11-16-2012, 07:07 AM   #3
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,359

Rep: Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106Reputation: 1106
Your program runs in virtual memory. When your program refers to "pages" of memory that are properly-assigned to it, a segment-fault occurs, Linux finds the pages and automagically makes them available to you ... your program has no idea it's happening. The program automagically tries again and this time it works.

Other areas of memory, however, are off-limits. Linux knows the difference.

But let's say that you've got a bug in your program such that it "goes wild" and tries to do something like, say, write to location $00000000. That's inaccessible memory. The read/write fails, a segment-fault occurs, Linux decides it's an error, and throws the segment-fault exception back to you.
 
Old 11-16-2012, 09:48 AM   #4
WinonuX
LQ Newbie
 
Registered: Nov 2012
Distribution: Fedora, Debian, Slackware
Posts: 5

Original Poster
Rep: Reputation: Disabled
Thumbs up

Thank you for your great replies.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Security Researchers Backtrack on Android Malware Claim LXer Syndicated Linux News 0 07-07-2012 09:31 AM
LXer: Security: Linux, OS X, Unix and Malware (Viruses) LXer Syndicated Linux News 0 12-01-2011 08:00 AM
LXer: Mozilla spreads malware rather than security LXer Syndicated Linux News 0 05-08-2008 11:20 PM
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 01:02 AM


All times are GMT -5. The time now is 03:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration