Security issues

Duflot Loic loic.duflot at sgdn.pm.gouv.fr
Fri Apr 21 02:25:28 PDT 2006


> why not? insmod kernelmodle.ko - don't. i just inserted code into the kernel.
> root is allowed to do it. there's /dev/mem for more fun. the list goes on. :)

If you have time, take some time to look at the OpenBSD man page for
"securelevel". You will see that once the securelevel is raised, it is
no longer possible to load (or unload for that matter) kernel modules.
It is also no longer possible to write to /dev/mem... That is the whole
point of the securelevel mechanism.

> ie - it's ACCEPTED that x is a kernel-level "service" and anything inside the
> xserver should be treated as such and coded VERY carefully so nothing can
> exploit it from outside the xserver (ie an x client for example). as long as i
> can remember this has been the general view of x as such. sure - i do see your
> point, but i am not entirely sure it's something people haven't known for a
> long time and already accepted as "that's how it works - so make it rock solid".

I do agree people have known this for a long time. The scheme only shows
one way to do so even when root privileges are heavily restricted.
But I do not agree that we should not move forward. I mean, why should a
"kernel" component (as you say) run in userspace? Why should this be
Accepted?
A few years ago it was accepted that women should not vote...
Fortunately enough, somebody was bold enough to actually decide it
should be otherwise... ;-)

Cheers,
Loïc
-------------------
Loïc Duflot
SGDN/DCSSI/SDS
http://www.ssi.gouv.fr/



