On Thu, 11 May 2006, Ed White wrote:
A researcher of the french NSA discovered a scary vulnerability in modern
x86 cpus and chipsets that expose the kernel to direct tampering.
http://www.securityfocus.com/print/columnists/402
The problem is that a feature called System Management Mode could be used
to bypass the kernel and execute code at the highest level possible: ring
zero.
The big problem is that the attack is possible thanks to the way X Windows
is designed, and so the only way to eradicate it is to redesign it, moving
video card driver into the kernel, but it seems that this cannot be done
also for missing drivers and documentation!
I would like to hear developers opinion about it...
This is nothing new. SMM isn't, by far, the only dangerous thing root
privileges allow access to.
Contrary to what too many security pundits think, limiting root's power
doesn't solve anything. Like bugs, security issues will forever be
uncovered, whether they be in setuid applications like an X server or in a
kernel itself. The trick, it seems, is to understand where to properly fix
them, instead of sowing workarounds all over the place...
Marc.
+--+---+
| Marc Aurele La France | work: 1-780-492-9310 |
| Academic Information and| fax:1-780-492-1729 |
|Communications Technologies | email: [EMAIL PROTECTED] |
| 352 General Services Building +---+
| University of Alberta | |
| Edmonton, Alberta | Standard disclaimers apply|
| T6G 2H1 | |
| CANADA | |
+--+---+
XFree86 developer and VP. ATI driver and X server internals.
___
XFree86 mailing list
XFree86@XFree86.Org
http://XFree86.Org/mailman/listinfo/xfree86
