On Wed, Feb 12, 2003 at 08:19:35PM -0500, Mike A. Harris wrote:
> On Wed, 12 Feb 2003, John Bartoszewski wrote:
> 
> Heard comments from whom?  And what specific security problems?  
> What source code files are these problems in?  Or are they just 
> what-if rumors?

The sources at the time could not point me to any specific
reports, just that they had read them somewhere.

Since then I have concluded that they were talking about the
1999 paper: 
        http://dri.sourceforge.net/doc/security_low_level.html

and specifically the possible ability of a DRI client to use DMA
to read and write anywhere in memory.

I have asked on a DRI list if this paper is still valid and
if so if there was a listing of devices and drivers that did
not have the DMA problem. I have gotten no response so far.

> >Without actually reading the drivers is there any place where
> >these security problems are discussed and archived?
> 
> You assume that there are known security issues which are also 
> not fixed.  That is not the case however, but I urge anyone who 
> believes they know of such a security issue to report it 
> privately to [EMAIL PROTECTED], [EMAIL PROTECTED], 
> [EMAIL PROTECTED]
> 

I do believe that it takes time to fix a security issue.
Since the time to fix a security issue is non-zero, we can assume
there exists a state where a security issue is not fixed.

There might have been a place where past or current security problems
were archived and what was done to fix them. You have answered
that there is not.

> How exactly would someone audit a binary only driver that there 
> is no publicly available source code for?  I'm not sure a heck 
> of a lot could be done without the source code.  You'd have to 
> ask those vendors directly however if they've audited their own 
> source code for security issues.

It is possible that the source for these drivers could have been
released (non-publicly) for third-party audit. I will infer from your 
comments that you do not believe this has been done.

---- 
John Bartoszewski                     Email: [EMAIL PROTECTED]
Senior Systems/Security Administrator .----------------------------------.
Instructional Laboratories            : If you are not terrified         : 
Department of Computing Science       : you are just repeating yourself. :
University of Alberta, Canada         `._        - Gilbert and George  _.'
_______________________________________________
XFree86 mailing list
[EMAIL PROTECTED]
http://XFree86.Org/mailman/listinfo/xfree86