funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Pentium Computers Vulnerable to Attack?

From: Valdis.Kletnieks () vt edu
Date: Tue, 11 Apr 2006 20:52:39 -0400
On Tue, 11 Apr 2006 19:16:06 CDT, Matthew Murphy said:


of physical memory.  The attack is sophisticated, rare and non-trivial,
but the idea is that you can gain root privileges and then write to
/dev/xf86.


Get root, and then use that to get root. What's wrong with this picture? :)

As I said - unless he found a way to do it from user mode, it's not interesting.

Of course, if /dev/xf86 is user-writable, and you use that to scribble on
SMM memory, thus trashing the SMM and getting root - *that*s an interesting
flaw in the /dev/xf86 implementation...


SMM is a way to break out of them.  Frankly, if you're running X and MAC
on the same box, that's a bit of a messed up security posture to me.


Actually, people are working on an SELinux-enhanced X, and I suspect that
proper use of the X Security extension would by itself make it MAC-tolerant.

Attachment: _bin
Description: 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: