On 21 Jul 2000, David A. Wagner wrote:
> Andrew McNabb <amcnabb@argus-systems.com> wrote:
> > Let me try to understand what you're saying...
> > It is established that a system's interface allows programs to
> > physically destroy a disk drive, without providing any benefit
> > whatsoever. However, since it's possible to fry other hardware,
> > too, why bother with this problem???
> >
> > The fact of the matter is, that it is wrong for a program to
> > destroy hardware. It is the kernel's job to ensure that it
> > can't.
>
> Ahh, but you've set up an impossible burden. It is _impossible_
> for the kernel to ensure that a malicious hacker who has obtained
> root on your machine does not destroy your hardware. After all,
> that hacker can always re-install an old, unsafe kernel version
> and ioctl() away, or even bit-bang directly to the raw device!
David,
You are the security expert.
Explain the 'shellstack' push, and why the micro-apps that I have shown
are of the scale to do this deed with non-root priviledge.
Respectfull,
Andre Hedrick
The Linux ATA/IDE guy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:17 EST