Comment Major caveat from another article (Score 1) 139
Note that most modern systems actually specifically disallow mapping the NULL page, out of security concerns. To run the following example on a recent Linux machine at home, you'll need to run # echo 0 >
/proc/sys/vm/mmap_min_addr as root, first.
So under normal circumstances, even with a NULL dereference in the running kernel, this method would not allow you to gain root privileges.
My question is, what legitimate reason might there be for a system to allow applications to map the NULL pointer? Is there a class or role of machines where this might be expected to work?