Re: Add a "enable" sysfs attribute to the pci devices to allow userspace (Xorg) to enable devices without doing foul direct access

From: Jon Smirl
Date: Tue May 02 2006 - 21:25:18 EST


On 5/2/06, Matthew Wilcox <matthew@xxxxxx> wrote:
On Tue, May 02, 2006 at 05:52:09PM -0400, Jon Smirl wrote:
> Have you seen this method of getting root from X?
> http://www.cansecwest.com/slides06/csw06-duflot.ppt
> It is referenced from Theo de Raadt interview on kerneltrap
> http://kerneltrap.org/node/6550

That's a great indication of why securelevels aren't.
It pretty much fits the Linux model of "once you're root, you can do
anything". The POSIX Capabilities really don't help either.
I suppose SELinux might be able to help, but I don't care to get into
that discussion here ;-)

And there is the root exploit found by Coverity this week too:
http://news.yahoo.com/s/zd/20060502/tc_zd/177195

X is multiple megabytes of code needlessly running as root. If we
could convince X to use device drivers to talk to the hardware it
wouldn't need to run as root. This is part of why I am against this
patch, it is another crutch to let X keep on running as root instead
of fixing the underlying problem.

--
Jon Smirl
jonsmirl@xxxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/