Circumventing kernel signing
John Richard Moser
nigelenki at comcast.net
Thu Jan 3 00:58:52 EST 2008
Bernardo Innocenti wrote:
> John Richard Moser wrote:
>
>> VECTOR 1: kexec()
>> [...]
>> VECTOR 2: unsigned module
>> [...]
>
> Unless we disable things such as /dev/mem, I also see a much
> wider attack vector, where one can inject arbitrary code in
> the kernel and recreate the conditions of these. And there
> are many alternative strategies based on commonly available
> interfaces.
>
Thank you for seeing that one. grsecurity has code to resist this type
of attack (allows writing to /dev/mem in video memory range, but nowhere
else); I don't know how else to do it.
> Some people seem to believe that one can give root access to
> a system and at the same time keep it locked down. While this
> seems possible in theory, I'm still waiting to see a practical
> implementation that resists Random J. Hacker while preserving
> the user's and application's expectations of what root can
> normally do.
>
I did not address the mass of other crap you could do to the system with
root. I was only addressing evading the OFW security implementation for
only booting signed OSes.
--
Bring back the Firefox plushy!
http://digg.com/linux_unix/Is_the_Firefox_plush_gone_for_good
https://bugzilla.mozilla.org/show_bug.cgi?id=322367
More information about the Devel
mailing list