On Tue, May 16, 2006 at 03:26:39PM +1000, Steffen Kluge wrote: > On Sat, 2006-05-13 at 16:18 +0200, Ed White wrote: > > It seems XFree people disagree... > > [...] > > ...and some Linux developers too... > > > > Alan Cox: What it essentially says is "if you can hack the machine enough > > to > > get the ability to issue raw i/o accesses you can get any other power you > > want". Thats always been true. Using SMM to do this seems awfully hard > > work. > > He said that in reply to you saying: > > > The big problem is that the attack is possible thanks to the way X > > Windows is designed > > He didn't comment on whether X is flawed or not, but rather that from a > Linux perspective this whole issue is a storm in a tea cup. In > (distribution default) Linux it is always possible for root to get ring > 0 access. Simply because root can load kernel modules. That's what root > kits do. Fumbling registers through a hacked X server is a novel but > rather complicated way, in comparison. > > Hence, securing a Linux server has always meant (besides removing X and > tons of other crud) to build a kernel that doesn't support loadable > modules.
And adding something to ensure that /dev/*mem cannot be written by root. There exist pre-written rootkits which load directly via /dev/mem, IIRC. Of course, simply disabling loadable modules does do some good... Joachim