On Tue, Feb 20, 2018 at 1:32 PM Luck, Tony <tony.luck@xxxxxxxxx> wrote: > The immediate problem is the denial of service attack. I have > a nagging worry that allowing a user to cause an SMI at a precise > time might also be a problem. But I don't know how that could be > leveraged in some other attack. The thing that worries me here is that if it's possible for root to potentially attack the kernel then just changing the permissions is still allowing an escalation of privilege. The other approaches would also block this. -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
