Hi Kees,

Thanks again!

I meant in general, a device driver has access to all of kernel memory. Actually I am not aware of a /dev/mem exploit; I will need to do some research. : )

About AppArmor, is it ready to use? What profiles are available now? Will there be any utilities?

Woei

-----Original Message-----
From: Kees Cook [mailto:[EMAIL PROTECTED]
Sent: Monday, July 30, 2007 5:29 PM
To: Ng, Cheon-woei
Cc: ubuntu-server@lists.ubuntu.com
Subject: Re: About Ubuntu security

On Mon, Jul 30, 2007 at 05:15:34PM -0700, Ng, Cheon-woei wrote:
> Thanks for the excellent answers!

You're welcome! Your questions are forming the basis of my Ubuntu security FAQ, so really I should be thanking you. :)

> I also have a question on the kernel memory space security.
>
> Based on an experiment created by Mark Allyn (my colleague), if a device
> driver (like audio driver) is poorly written without boundary check, a
> user could exploit that security hole and can easily read or write to
> anywhere in the kernel memory space via an interface like /dev/audio.
>
> Are there any security features in Ubuntu that prevent such an exploit? So
> far the only solution mentioned is to submit all device drivers for
> rigorous peer review.

Do you mean the /dev/mem interface, or that in general, device drivers have access to all of kernel memory? I am currently unaware of any in-kernel memory segmentation plans. There are upstream plans to implement a form of stack-protection for kernel functions, which should help minimize some attack vectors in buggy drivers.

As for /dev/mem, I will need to check the state of progress. There are no Ubuntu-specific changes that I know of, but I know there was work in various upstreams (e.g. kernel and X.org) to deal with the identified deficiencies with that interface.

-Kees

--
Kees Cook