Circumventing kernel signing

Bernardo Innocenti bernie at laptop.org
Thu Jan 3 00:48:06 EST 2008


John Richard Moser wrote:

> VECTOR 1:  kexec()
> [...]
> VECTOR 2:  unsigned module
> [...]

Unless we disable things such as /dev/mem, I also see a much
wider attack vector, where one can inject arbitrary code in
the kernel and recreate the conditions of these.  And there
are many alternative strategies based on commonly available
interfaces.

Some people seem to believe that one can give root access to
a system and at the same time keep it locked down.  While this
seems possible in theory, I'm still waiting to see a practical
implementation that resists Random J. Hacker while preserving
the user's and application's expectations of what root can
normally do.

-- 
 \___/
 |___|   Bernardo Innocenti - http://www.codewiz.org/
  \___\  One Laptop Per Child - http://www.laptop.org/



More information about the Devel mailing list