u/DontFreeMe

▲ 321 r/BSD

I think that OpenBSD pretty much won the security argument now

In case you haven't been paying attention: last week, two new Linux LPE vulnerabilities were discovered and leaked. One only works on machines without AppArmor, the other works on all machines. And this is AFTER the "Copy Fail" vulnerability that came before.

The root cause of all these vulnerabilities seems to be the same: corrupt a cached suid file in memory and execute it. But I think the cause is deeper. All of these vulnerabilities exploit some kind of kernel system for in-place cryptography.

In-place cryptography may save a couple of memory transfers, but it comes at a cost of much greater complexity, since now the kernel has to make sure that all user-passed pointers are valid and should be allowed to be written to. And the Linux kernel has failed to handle such complexity in at least three separate cases.

OpenBSD had it right. If you want a secure operating system, you have to sacrifice some micro-optimizations and features for the sake of much reduced complexity. And reduced complexity is the only way to have a truly secure operating system.

u/DontFreeMe — 11 days ago