From:	"John M. Aldrich" <fighteer AT cs DOT com>
Newsgroups:	comp.os.msdos.djgpp
Subject:	Re: Ring 0?
Date:	Sun, 09 Mar 1997 16:52:13 -0800
Organization:	Two pounds of chaos and a pinch of salt
Message-ID:	<33235B3D.681C@cs.com>
References:	<5fivnk$cfc AT freenet-news DOT carleton DOT ca> <5fte3k$h5h AT freenet-news DOT carleton DOT ca>
Reply-To:	fighteer AT cs DOT com
NNTP-Posting-Host:	ppp104.cs.com
Mime-Version:	1.0
Lines:	28
To:	djgpp AT delorie DOT com
DJ-Gateway:	from newsgroup comp.os.msdos.djgpp

Paul Derbyshire wrote:
> 
> As for a ring 3 program being unable to currupt the kernel, I'm not sure
> this is entirely correct. I discovered that a DOS program running in a DOS
> box under Win 95 (and DOS boxes presumably run in ring 3) can crash the
> machine with a bad memory write.

All DOS programs are not DPMI programs.  Real-mode code that runs in a
DOS box will completely ignore the memory manager and can go ahead and
corrupt anything it likes.  Usually, Win95 will catch the program at it,
but it can still take down your computer.

As for DPMI progs themselves crashing things, it's only too easy.  All
they have to do is farpoke in the wrong place, and *BOOM*.  Win95's DPMI
host doesn't trap NULL page memory accesses either, so rogue pointers
can also trash stuff.  In general, DOS systems are terribly insecure, no
matter how many levels of protection programmers try to hack into them. 
:(

-- 
John M. Aldrich, aka Fighteer I <fighteer AT cs DOT com>

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS d- s+:- a-->? c++>$ U@>++$ p>+ L>++ E>++ W++ N++ o+>++ K? w(---)
O- M-- V? PS+ PE Y+ PGP- t+(-) 5- X- R+(++) tv+() b+++ DI++ D++ G>++
e(*)>++++ h!() !r !y+()
------END GEEK CODE BLOCK------

- Raw text -