   XPost: comp.arch.embedded, comp.os.linux.networking   
   From: tw@dionic.net   
      
   David Schwartz    
    wibbled on Monday 22 February 2010 05:57   
      
   > On Feb 21, 6:22 pm, karthikbalaguru    
   > wrote:   
   >   
   >> > Note that this is a key weakness of the 'process-per-connection'
   >> > model, and I recommend just not using that model unless it's mandated
   >> > by other concerns (such as cases where security is more important
   >> > than performance).
   >   
   >> But, how is that technique of 'process-per-connection' very   
   >> helpful for security ?   
   >   
   > Processes are isolated from each other by the operating system and can   
   > have their own security context. Threads share pretty much everything.   
      
   Specifically for the OP, threads can stamp all over the memory of sister
   threads. Processes cannot do this, unless they are running with privilege
   (e.g. root or the correct capability bit set), and even then it would be a PITA.
      
   Never trust the input data - ever. You may think the threads can't touch each
   other, but lack of checking on bad input data (from the socket) causing
   thread confusion and buffer smashing is the classic hack.
      
   Process isolation is another layer of protection, though it is no excuse for   
   not sanitising the data too :)   
      
   --   
   Tim Watts   
      
   Managers, politicians and environmentalists: Nature's carbon buffer.   
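An added example (not part of the thread above) that shows both points in C: the same defective handler run in a sibling thread alters the caller's state, while run in a forked child it does not, plus a bounds-checked copy for socket input. It assumes POSIX fork()/pthreads; the handler's defect is modelled as a plain out-of-place write, not a real overflow.

```c
#include <pthread.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Per-connection state. A threaded server shares this single copy between all
   handlers; a forked server gives each child its own copy-on-write page. */
static char session_tag[16];

/* Stand-in for a defective handler that writes over another connection's state
   (modelled as a plain out-of-place write, not a real overflow). */
static void *buggy_handler(void *arg) {
    (void)arg;
    strcpy(session_tag, "CLOBBERED");
    return NULL;
}

/* Run the handler in a sibling thread; returns 1 if the caller's state changed. */
int clobbered_by_thread(void) {
    pthread_t t;
    strcpy(session_tag, "session-A");
    if (pthread_create(&t, NULL, buggy_handler, NULL) != 0) return -1;
    pthread_join(t, NULL);
    return strcmp(session_tag, "session-A") != 0;
}

/* Run the same handler in a forked child; returns 0 because the child only
   touched its own copy of the page, never the parent's. */
int clobbered_by_process(void) {
    strcpy(session_tag, "session-A");
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { buggy_handler(NULL); _exit(0); }
    waitpid(pid, NULL, 0);
    return strcmp(session_tag, "session-A") != 0;
}

/* The other half of the advice: bound every socket read before it lands in a
   fixed-size buffer. Returns 0 on success, -1 if it would not fit with its NUL. */
int copy_input_checked(const char *in, size_t in_len, char *dst, size_t dst_len) {
    if (dst_len == 0 || in_len >= dst_len) return -1;
    memcpy(dst, in, in_len);
    dst[in_len] = '\0';
    return 0;
}

int main(void) {
    printf("thread: %d  process: %d\n", clobbered_by_thread(), clobbered_by_process());
    return 0;
}
```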
      