
Bug#524373: linux-2.6: /dev/mem rootkit vulnerability



reopen 524373
thanks

On Thu, 16 Apr 2009 16:53:38 -0400 Noah Meyerhans wrote:
> On Thu, Apr 16, 2009 at 04:21:10PM -0400, Michael S. Gilbert wrote:
> > 
> > i think that any flaw that allows an attacker to elevate his pwnage from
> > root to hidden should always be considered a grave security issue.
> 
> Your argument sounds like the one used by RIAA, MPAA etc, based on the
> DMCA's anti-circumvention clause, to keep things like open source dvd
> players illegal.  Just because something can be used for malicious
> purposes, doesn't mean its existence is a bad thing.  There are reasons
> for /dev/mem to exist, and why you might want to manipulate kernel state
> through it.  Many of these do not involve rootkits.

this is a strawman argument.  i never said that /dev/mem needed to go
away.  my point was that it needed to be secured against these newly
discovered attacks, and it sounds like CONFIG_STRICT_DEVMEM does this.

> The support for dynamically loadable kernel modules in Linux can be
> abused similarly.  Does that make it a "grave security issue"?

probably...at least until someone comes up with a secure way to do it.

> But as Dann pointed out, we'll have CONFIG_STRICT_DEVMEM in the future
> to help minimize exposure.

this is a very good thing, and i understand that it would cause a lot
of hassle to backport this kind of change to stable since it could
potentially break compatibility.  however, that doesn't mean that the
issue shouldn't be tracked.  and it certainly doesn't mean that the bug
should be closed.  i thought that one of debian's tenets was "we will
not hide problems."

> If you want to continue this discussion, I propose to do it outside the
> BTS.

why?  isn't the bts a perfectly good place for discussion?

mike
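
Added example, not part of the original message or of any Debian tooling: a shell check that reports how a kernel build config sets CONFIG_STRICT_DEVMEM, the option named in the thread. The function names, the sample configs (constructed) and the two config file locations are assumptions of this example.

```shell
#!/bin/sh
# option_state OPTION < config-text
# Prints enabled, disabled or absent. Whole lines are compared, so an
# option whose name merely contains OPTION is not counted.
option_state() {
    awk -v opt="$1" '
        $0 == (opt "=y")               { state = "enabled" }
        $0 == ("# " opt " is not set") { state = "disabled" }
        END { print (state == "" ? "absent" : state) }
    '
}

# devmem_verdict < config-text
# Returns 0 only when CONFIG_STRICT_DEVMEM is built in.
devmem_verdict() {
    case $(option_state CONFIG_STRICT_DEVMEM) in
        enabled)  echo "CONFIG_STRICT_DEVMEM=y: /dev/mem access is restricted"; return 0 ;;
        disabled) echo "CONFIG_STRICT_DEVMEM is not set: root can reach all memory via /dev/mem"; return 1 ;;
        *)        echo "CONFIG_STRICT_DEVMEM does not appear in this config"; return 1 ;;
    esac
}

# kernel_config_text: print the running kernel's config, if one is readable.
# Both locations are conventional; either may be missing on a given system.
kernel_config_text() {
    if [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    elif [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    else
        return 1
    fi
}

# Constructed sample configs, used when no live config is available.
sample_strict() { printf '%s\n' 'CONFIG_X86=y' 'CONFIG_STRICT_DEVMEM=y' 'CONFIG_MODULES=y'; }
sample_open()   { printf '%s\n' 'CONFIG_X86=y' '# CONFIG_STRICT_DEVMEM is not set'; }

# Audit the running kernel when possible, otherwise show both sample verdicts.
if cfg=$(kernel_config_text 2>/dev/null); then
    printf '%s\n' "$cfg" | devmem_verdict || :
else
    sample_strict | devmem_verdict || :
    sample_open   | devmem_verdict || :
fi
```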


