Re: Security Implications of DKMS?

To: Rares Aioanei <debian.dev.list@gmail.com>
Cc: David Ehle <ehle@phys.iit.edu>, debian-security@lists.debian.org
Subject: Re: Security Implications of DKMS?
From: Yves-Alexis Perez <corsac@debian.org>
Date: Tue, 27 Mar 2012 15:48:42 +0200
Message-id: <1332856122.7611.3.camel@scapa>
In-reply-to: <4F71A21C.9010301@gmail.com>
References: <alpine.DEB.1.10.1203261023150.10762@agni> <4F71A21C.9010301@gmail.com>

On mar., 2012-03-27 at 14:18 +0300, Rares Aioanei wrote:
> I see that as a myth. Look at it this way: if an attacker already has 
> access to your machine, he/she can install anything he/she wants, 
> including compilers, interpreters, whatever. 

A good way to prevent that is to enforce W^X. There are various kernel
ways to do that (MAC, Grsec trusted execution path), but also at mount
time, it might be interesting to not have rw and exec on the same
filesystem.

Regards,
-- 
Yves-Alexis

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: Security Implications of DKMS?
  - From: Mike Mestnik <cheako@mikemestnik.net>

References:
- Security Implications of DKMS?
  - From: David Ehle <ehle@phys.iit.edu>
- Re: Security Implications of DKMS?
  - From: Rares Aioanei <debian.dev.list@gmail.com>

Prev by Date: Re: Security Implications of DKMS?
Next by Date: RE: [SECURITY] [DSA 2443-1] linux-2.6 security update
Previous by thread: Re: Security Implications of DKMS?
Next by thread: Re: Security Implications of DKMS?
Index(es):
- Date
- Thread