funsec mailing list archives
Re: Pentium Computers Vulnerable to Attack?
From: Valdis.Kletnieks () vt edu
Date: Tue, 11 Apr 2006 20:52:39 -0400
On Tue, 11 Apr 2006 19:16:06 CDT, Matthew Murphy said:
of physical memory. The attack is sophisticated, rare and non-trivial, but the idea is that you can gain root privileges and then write to /dev/xf86.
Get root, and then use that to get root. What's wrong with this picture? :) As I said - unless he found a way to do it from user mode, it's not interesting. Of course, if /dev/xf86 is user-writable, and you use that to scribble on SMM memory, thus trashing the SMM and getting root - *that*s an interesting flaw in the /dev/xf86 implementation...
SMM is a way to break out of them. Frankly, if you're running X and MAC on the same box, that's a bit of a messed up security posture to me.
Actually, people are working on an SELinux-enhanced X, and I suspect that proper use of the X Security extension would by itself make it MAC-tolerant.
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Pentium Computers Vulnerable to Attack? Fergie (Apr 11)
- Re: Pentium Computers Vulnerable to Attack? Bryan Bradsby (Apr 11)
- Re: Pentium Computers Vulnerable to Attack? Valdis . Kletnieks (Apr 11)
- Re: Pentium Computers Vulnerable to Attack? Stephen J. Smoogen (Apr 11)
- Re: Pentium Computers Vulnerable to Attack? Matthew Murphy (Apr 11)
- Re: Pentium Computers Vulnerable to Attack? Valdis . Kletnieks (Apr 11)
- Re: Pentium Computers Vulnerable to Attack? Dude VanWinkle (Apr 11)
- Re: Pentium Computers Vulnerable to Attack? Dude VanWinkle (Apr 11)
- Re: Pentium Computers Vulnerable to Attack? Dude VanWinkle (Apr 12)
- Re: Pentium Computers Vulnerable to Attack? Matthew Murphy (Apr 12)
- Re: Pentium Computers Vulnerable to Attack? Matthew Murphy (Apr 12)
- Re: Pentium Computers Vulnerable to Attack? Dude VanWinkle (Apr 12)
- Re: Pentium Computers Vulnerable to Attack? der Mouse (Apr 12)
- Re: Pentium Computers Vulnerable to Attack? Florian Weimer (Apr 12)