Hi,
On Thursday, 11. May 2006 17:47, linux-os (Dick Johnson) wrote:
> If the SMRAM control register exists, the D_LCK bit can be set
> in 16-bit mode during the boot sequence. This makes the SMRAM
> register read/only so the long potential compromise sequence
> that Mr. Duflot describes would not be possible. If the control
> register doesn't exist, then the vulnerably doesn't exist.
>
> The writer doesn't like the fact that a root process can execute
> iopl(3) and then be able to read/write ports. He doesn't like
> the fact that the X-server can read/write ports from user-mode.
>
> Sorry, the X-server is too large to go into the kernel. It's
> a lot easier to modify the boot-loader to set the D_LCK bit
> if the security compromise turns out to be real.
That sounds like a good move.
Any patches?
I would love to review them!
Regards
Ingo Oeser
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]