Re: /dev/mem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Oct 27, 2010 at 02:24:06PM -0700, Dave Hylands wrote:
> Hi Jonathan,
> 
> On Wed, Oct 27, 2010 at 1:00 PM, Jonathan Neuschäfer:
> > On Wed, Oct 27, 2010 at 03:40:29PM -0400, John Mahoney wrote:
> >> --snip--
> >>
> >> > 1. no system can be 100% secure, but we can try to be closure.
> >> > 2. Writting a rootkit in kernel space could be 100 times harder compared to
> >> > security attacks in user space for cases like where you can assess complete
> >> > memory map.
> >> >
> >> > I think I am making my point more cleare now.
> >> >
> >> >
> >> Basically, this boils down to the ancient debate of microkernel vs
> >> monolithic kernel.  In Linux all memory is accessible by root regardless of
> >> /dev/mem.
> >>
> >> --
> >> John
> > Via simple pointers?
> 
> Yes - provided it hasn't been swapped out.
> 
> There are a few exceptions for a few processors with segmented memory
> and other funky stuff, but generally, all of the memory is accessible
> from kernel space by the use of a simple pointer.
> 
> -- 
> Dave Hylands
> Shuswap, BC, Canada
> http://www.DaveHylands.com/

This makes pointer bugs in the kernel especially nasty. :-)

What John wrote confused me because I interpreted `by root' as `by any process
running with UID zero'.

--
Jonathan

--
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ



[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux