On Mon, 2006-04-03 at 10:48 +0200, Hendrik Weimer wrote:
> Package: oprofile
> Version: 0.9.1-9
> Tags: security
>
> As described in http://www.osreviews.net/reviews/devel/oprofile
> OProfile allows unprivileged users to profile all code on a
> system. This makes cryptographic services vulnerable to timing attacks
> (e.g. compromise of secret keys).

The closest to getting this to happen that I know of -- at least on a Debian system -- is for someone with root privilege to have installed the oprofile kernel module (with either modprobe or opcontrol --init), and left in place (i.e., did not do either a modprobe -r or an opcontrol --deinit). The kernel module is _not_ loaded by default, and without it, no profiling occurs.

Hence, there's not much OProfile can do about this, as far as I can tell. If a user already has root privilege to install the oprofile kernel module, I'm afraid compromising of secret keys is the least of the problems. If someone with root privilege left the module loaded, they probably should not have had root privilege, in my estimation.

I could be completely wrong. Would it be possible for you to send me a demonstration of this scenario? If you wish, send it to me directly if you don't wish to publicize the flaw any more than necessary.

Thanks in advance for your time and effort.

--
Ciao,
al
----------------------------------------------------------------------
Al Stone                                      Alter Ego:
Open Source and Linux R&D                     Debian Developer
Hewlett-Packard Company                       http://www.debian.org
E-mail: [EMAIL PROTECTED]                     [EMAIL PROTECTED]
----------------------------------------------------------------------

