#3914 HIGH V1.1: Protect Kernel Memory to secure the DRM against the user (was: Protect Kernel Memory.)
Zarro Boogs per Child
bugtracker at laptop.org
Wed Oct 17 05:21:05 EDT 2007
#3914: Protect Kernel Memory to secure the DRM against the user
-----------------------+----------------------------------------------------
Reporter: mstone | Owner: krstic
Type: defect | Status: new
Priority: high | Milestone: V1.1
Component: security | Version:
Resolution: | Keywords: security
Verified: 0 |
-----------------------+----------------------------------------------------
Comment(by gnu):
DRM has become a pervasive OLPC design philosophy. (Why else would this
bug be assigned "blocker" or "high" priority?) "We have to lock down
every piece of the machines, because any open part can be used to subvert
the DRM." Therefore, no parts will end up open.
I've been watching the destructive effect of all this on the home
entertainment industry for years. Cripple, cripple, cripple is their
rallying cry. How useful for the children. Unfortunately, you picked the
wrong code base to start from, if that is what you want.
I have an idea. Don't let the user log in as root. Then you won't have
to remove the kmem driver, which is designed to give root exactly the
access this bug report is intent on denying. You can secretly set the
root password to "service" or something, like DEC used to do. That'll be
real secure. The system will be impossible to administer, but hey, you
can always reflash it with a new proprietary software load signed by the
manufacturer.
--
Ticket URL: <https://dev.laptop.org/ticket/3914#comment:4>
One Laptop Per Child <https://dev.laptop.org>
OLPC bug tracking system
More information about the Bugs
mailing list