On Sun, 28 Jul 2002, Stas Sergeev wrote:
> Two attached patches implement that
> functionality. Then you can safely
> remove the "BUG" stuff I think.
Yes, that looks like the proper fix to me.
> Right, this is a main design problem
> of dosemu which is that the DPMI code
> is executed in the same address space
> with dosemu. vm86 is separated however.
> So DPMI code can do everything and if
> dosemu has root privs, it can be easily
> exploited by DPMI code.
Yes, see section three of README.txt:
* Never allow DPMI programs to run when dosemu is suid root.
(in /etc/dosemu.conf set 'dpmi off' to disable)
It is possible to overwrite sensitive parts of the emulator code,
and this makes it possible for an intruder program under DOS, which
knows about dosemu internals (which is easy as you have the
source), to get root access also on non-dosemu processes. Because a
lot of games won't work without it, we allow creation of
LDT descriptors that span the whole user space.
There is a 'secure' option in /etc/dosemu.conf that allows turning
off creation of the above-mentioned descriptors, but those
currently protect only the dosemu code and the stack, and maybe
some diabolical person finds a way to use the (unprotected) heap.
Anyway, better 'secure on' than nothing.
> > Would you accept such a patch?
That would be me. Well together with Stas' patch I would accept it.
Bart
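The README rules quoted above (no DPMI when dosemu is suid root; 'secure on' as a partial fallback) boiled down to a small audit script. This is an added example written for this page, not dosemu's own code; it assumes a one-directive-per-line config in the 'dpmi off' / 'secure on' wording the README uses, and the sample config is constructed.

```python
import os
import stat

# Constructed sample in the wording the README quotes; the real directive
# syntax of /etc/dosemu.conf is an assumption here.
SAMPLE_CONF = """\
# constructed example /etc/dosemu.conf
dpmi on     # games need it
secure off
"""

def parse_dosemu_conf(text):
    """Map 'directive value' lines to a dict; '#' starts a comment, later lines win."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            settings[parts[0].lower()] = parts[1].strip().lower()
    return settings

def is_suid_root(path):
    """True when the binary is setuid and owned by root, the case the README warns about."""
    st = os.stat(path)
    return bool(st.st_mode & stat.S_ISUID) and st.st_uid == 0

def assess(settings, suid_root):
    """Return (severity, message) findings following the README's rules.
    Assumption: DPMI counts as enabled and 'secure' as off unless set otherwise."""
    findings = []
    if not suid_root:
        return findings  # DPMI code then runs with the user's own privileges only
    dpmi = settings.get("dpmi", "on")
    secure = settings.get("secure", "off")
    if dpmi != "off":
        findings.append(("high", "suid-root dosemu with DPMI enabled: DPMI code shares the emulator's address space"))
        if secure != "on":
            findings.append(("high", "'secure' is off: LDT descriptors may span the whole user space"))
        else:
            findings.append(("medium", "'secure on' covers only emulator code and stack; the heap stays unprotected"))
    return findings

def worst_severity(findings):
    """0 = nothing found, 1 = medium, 2 = high."""
    order = {"medium": 1, "high": 2}
    return max((order[s] for s, _ in findings), default=0)

if __name__ == "__main__":
    for sev, msg in assess(parse_dosemu_conf(SAMPLE_CONF), suid_root=True):
        print(f"[{sev}] {msg}")
```

Run it against the real /etc/dosemu.conf with `is_suid_root("/usr/bin/dosemu")` (path assumed) to get the findings for an installed system.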
-
To unsubscribe from this list: send the line "unsubscribe linux-msdos" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html