Re: X only needs CAP_SYS_RAWIO to start -- can be disabled after up

From: Mark Gray (markgray@iago.nac.net)
Date: Mon Jul 24 2000 - 05:55:00 EST


James Sutherland <jas88@cam.ac.uk> writes:
[snip]
> On 24 Jul 2000, Mark Gray wrote:
>> It drops root privileges once it is up and running.

> It no longer needs root privilege for anything, since it has
> bypassed Linux's controls almost completely. It's running at iopl3,
> which gives it pretty much complete access to everything. Whether it
> is root or not no longer matters.

You got to trust somebody -- why in the world do you trust gcc? (Re:
Ken Thompson's article)

>> [snip]
>> You have the source to X -- they are not up to anything devious or
>
> I never said they were up to something devious. It isn't X we have the
> source to, BTW, it's XFree86. That's like saying "you have the source to
> unix" when discussing the Linux kernel...

Well, XFree86 is derived directly from the source for X -- it was not
developed by itself like Linux

>> would have been found out by now IMO, and iopl() does not give it the
>> ability to regain CAP_SYS_RAWIO.
>
> It could if it wanted. For that matter, it could almost certainly delete
> the kernel image and all the other processes from memory, then load DOS
> instead.

Why trust gcc (or any compiler) then?

>> You can disable iopl() once you no longer need it though is the point.

> OK, you can prevent OTHER software using it, once XFree86 is loaded. So
> what? XFree86 has already switched off all the security in its little
> area, so it can do what it wants when it wants.

I trust the copy of X on my computers (apart from which I am a retired
Systems Programmer/hobbyist who does not really care what happens to
my systems (except of course for the purposes of "keeping score" on my
prowess as a "power user")

>> (I love X -- I have 5 X servers scattered about the house all logged
>> into my main server, with networked sound, a single Emacs displaying
>> on all computers -- it is a hackers paradise which no other GUI has
>> ever approached to my knowledge.)
>
> X isn't a GUI...

I was referring to the entire shebang of gnome+enlightenment+esound
networking seamlessly (but the "word" GUI was not invented when I was
in school so I will not argue about the definition).

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:16 EST