Bug#524373: linux-2.6: /dev/mem rootkit vulnerability
On Thu, 16 Apr 2009 23:50:54 -0600 dann frazier wrote:
> > > The support for dynamically loadable kernel modules in Linux can be
> > > abuses similarly. Does that make it a "grave security issue"?
> >
> > probably...at least until someone comes up with a secure way to do it.
>
> Oh, come on.
>
> grave
> makes the package in question unusable or mostly so, or causes
> data loss, or introduces a security hole allowing access to the
> accounts of users who use the package.
>
> Is the kernel really unusable/insecure because a root user can do
> something bad? Wouldn't that give every package a grave bug by
> definition?
maybe the definition needs to be rethought in the context of rootkits.
i think the kernel has to be considered more insecure under the
influence of a rootkit (since rootkits make it much harder to detect
that your system has be compromized).
> I certainly don't consider this issue invalid - and in fact, we have
> taken action to resolve it for the next release - but please don't
> blow it out of proportion.
i'm not trying to blow it out of proportion; just trying to make sure
that the issue gets the consideration that it deserves.
Reply to: