It's flick, then swish

So the next part of the little Q&A series on...well, QA;

3.) What security considerations do you take into account when designing and developing a kernel mode driver?

Validate user mode pointers and check the buffers to and from user mode. ;)

That was a little inside joke for the person who asked the question.  Seriously security and kernel mode are almost at odds with one another when you really think about it.  Kernel mode is implied to be a trustworthy environment so anybody that's down there with you is expected to behave like a good citizen.  And anybody that can talk to you from the nether region (user mode) should be treated as an enemy.  As security for kernel mode drivers is something of a loaded question in the end, the best advice I can offer here is; Anything that can be accessed by anybody outside your driver should have some form of defense built in to it.  I.e. if you have an external callback, think about how that that could be used as an attack entry point.  Could somebody float recursive calls to that callback and cause a stack over flow?

That's about the only weird tip I can give other than using what's published here and here as a base.


*Currently playing - Rush Faithless