> So if you are accepting a firmware into the kernel, watch closely how > it's being used. Tracking static symbols vs. buffer's content from > request_firmware() can be harder, i think.
For things like USB the firmware question of security is pretty irrelevant. If I can feed the device wrong firmware and have the device attack the kernel then the kernel driver is faulty and needs correcting. USB is an external removable device so if there is a way to feed a device messages that cause exploits I can simply build a widget to do it and not bother at all with attacking the host firmware files ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ linux-usb-devel@lists.sourceforge.net To unsubscribe, use the last form field at: https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
