Archive | Security RSS feed for this section

Privilege Escalation in uClinux

The main difference between Linux and uClinux is that the latter is designed to work with systems without an MMU (Memory Management Unit). The main benefit of an MMU is that systems that utilise them can provide each process with it’s own virtual address space – by doing so each process is prevented from causing disruption to others.

uClinux systems do not have an MMU, all processes share a common address space and so there is often – but not always (see comments at the end of this post), no protection from processes interfering with each other. The security implications of this are widely known and understood – the applications of uClinux systems are usually such that this isn’t of great concern. However I wanted to see this for myself – I wanted to put the theory in practice and see how easy it is to disrupt another process and to see if privilege escalation can be achieved.

Continue Reading →