James Sutherland <jas88@cam.ac.uk> writes:
> On 24 Jul 2000, Mark Gray wrote:
>
>>
>> I just wanted to point out something a lot of people may be missing,
>> and that is that once X is up and running, it is quite alright to
>> disable CAP_SYS_RAWIO
[snip]
>> Fatal server error:
>> xf86EnableIOPorts: Failed to set IOPL for I/O
> In other words, when it starts, it completely disables all OS protection
> for itself. Of course it no longer needs any capabilities - capabilities
> can no longer be enforced for it!
It drops root privileges once it is up and running.
[snip]
>> Capabilities are a splendid feature which needs to be more widely used
>> on Linux servers in my opinion. It has the potential to be a very
>> popular feature if properly applied.
> And X doesn't. It uses one capability to disable subsequent capability
> enforcement completely.
You have the source to X -- they are not up to anything devious or
would have been found out by now IMO, and iopl() does not give it the
ability to regain CAP_SYS_RAWIO.
It is too large to verify line by line on one's own I grant, and the
binary only modules for XFree86-4.* are an abominable plot against
Free software, but I have 3.3.6 and plan to do my own X hacking from
now on if that is the way it is going to be.
>> (Just a little fact that people following the security discussion from
>> afar may have missed because it is not being mentioned.)
> iopl() is a horrible abomination - as is X, for that matter :-(
"You can not please everybody, so you got to please yourself"
You can disable iopl() once you no longer need it though is the point.
(I love X -- I have 5 X servers scattered about the house all logged
into my main server, with networked sound, a single Emacs displaying
on all computers -- it is a hackers paradise which no other GUI has
ever approached to my knowledge.)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:16 EST