[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Server Compromise -- A Fire Drill ??

On Thu, 04 Dec 2003 18:00:18 +0100, Tom <tb.31123.nospam@comcast.net> wrote:

>On Thu, Dec 04, 2003 at 10:15:12AM -0600, John Hasler wrote:
>> ...  That's why the kernel
>> developers thought it was just an ordinary bug: they could see no way to
>> exploit it.
>That statement is somewhat disconcerting.  The hypothesis is that many
>eyes detect secure bugs, and here is clear case evidence contradicting
>that hypothesis.

There is no contradiction. Many eyes detect most security problems, but not all. This is certainly better than just a few eyes with access to proprietary code.

>One must assume there are more bugs in this class.

That is my assumption. The only thing that would give me confidence that there are no holes would be a common process for connecting raw input to privileged routines -- a process which is so simple that everyone can see it is robust. Such a process exists to isolate different privilege levels in the instruction set of a microprocessor. It seems like something similar could be done to isolate routines that run with root privilege.


Reply to: