On Thu, 20 Jul 2000, Andre Hedrick wrote:
> On Fri, 21 Jul 2000, Oliver Xymoron wrote:
>
> > On Thu, 20 Jul 2000, Andre Hedrick wrote:
> >
> > > The object is to protect this from happening even if you are ROOT or have
> > > stolen ROOT priviledges.
> >
> > You can't stop root from doing anything, even in theory - root has access
> > to the kernel image, either on disk or in RAM and can patch it to do
> > whatever they'd like..
> >
> > It's nice to protect from doing stupid things by accident, but let's not
> > pretend we're doing anything more than that.
>
> But we are and I guess you just can't see that point or I can not explain
> it so you can...sorry
Andre, what's to prevent root from coming in, replacing your safe kernel
2.4.0 with unsafe 2.2.x, rebooting, and exploiting the hole? Or loading a
module which is basically the old IDE driver or altering the kernel memory
image or directly writing to hardware? Nothing. Root is inherently allowed
to do this. They can even install Windows on you which is arguably worse
than a dead drive.
If root is hostile, you're dead. You cannot secure a system against a
hostile root except by making backups. Therefore, this is not a security
issue.
On the other hand, if root is being clumsy and asking the kernel to do
something silly, we can put a small obstacle in the way of that if it's
not too much trouble.
-- "Love the dolphins," she advised him. "Write by W.A.S.T.E.."- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:15 EST