Re: A required change? Re: [linux-security] Re: kerneld and module security
> On Mon, 29 Sep 1997 15:05:20 -0400 (EDT), Patrick Cantwell wrote:
>
> Seems like a serious hole to me. I just changed the permissions on my box, and
> think it it warrants debian to change policy regarding permissions and modules.
> >#5 make /usr/lib/modules root read/write only
I believe there was no advantage to this solution
> >> Corollary: Any module in /lib/modules can be loaded into kernel memory by
> >> any user at any time. There are potential denial-of-service attacks
> >> from autoprobes and device initialization all kinds of other goo that
> >> I wish I didn't have to think about here.
The above is true, because the process insmod-ing the module is setuid.
So, whatever permissions /lib/modules have, that hole isn't affected
by them. (As reported in later messages in linux-security).
Also, the security hole wasn't all that big, as all that was possible
was denial of service attacs: most systems don't have /lib/modules
world-writable, so users cannot add that "setuid wrapper module"
mentioned, and thus cannot insert it at will.
--
joost witteveen, joostje@debian.org
#!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
Reply to: