Am 20.02.2018 um 13:57 schrieb Gert Wollny: > Am Dienstag, den 20.02.2018, 13:33 +0100 schrieb Michael Biebl: >> Am >> >>> make it lock up in this loop, but if someone can spoof this kind of >>> message and the system locks up because of this, wouldn't this be a >>> typical DoS attack? >> >> How could an unprivileged user spoof such messages? > > I am by no means a security expert, but doesn't the story usually go: > someone finds a bug that allows an escalation of rights that allows > them to do certain things, in the extreme case they can open a root > shell, in another case they may be able to set the RTC to a bogus value > that triggers the kernel to flood timerfd with messages that lock up > the system. Of course that is not a very likely scenario, but to me it > seems possible.
If an attacker can get a root shell, you have lost anyway. As for the other cases, those are all hypothetical at this point, right? -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pkg-systemd-maintainers mailing list Pkg-systemd-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
