On Tue, May 16, 2006 at 03:26:39PM +1000, Steffen Kluge wrote:
> On Sat, 2006-05-13 at 16:18 +0200, Ed White wrote:
> > It seems XFree people disagree...
> > [...]
> > ...and some Linux developers too...
> >
> > Alan Cox: What it essentially says is "if you can hack the machine enough
> > to
> > get the ability to issue raw i/o accesses you can get any other power you
> > want". Thats always been true. Using SMM to do this seems awfully hard
> > work.
>
> He said that in reply to you saying:
>
> > The big problem is that the attack is possible thanks to the way X
> > Windows is designed
>
> He didn't comment on whether X is flawed or not, but rather that from a
> Linux perspective this whole issue is a storm in a tea cup. In
> (distribution default) Linux it is always possible for root to get ring
> 0 access. Simply because root can load kernel modules. That's what root
> kits do. Fumbling registers through a hacked X server is a novel but
> rather complicated way, in comparison.
>
> Hence, securing a Linux server has always meant (besides removing X and
> tons of other crud) to build a kernel that doesn't support loadable
> modules.
And adding something to ensure that /dev/*mem cannot be written by root.
There exist pre-written rootkits which load directly via /dev/mem, IIRC.
Of course, simply disabling loadable modules does do some good...
Joachim
