On Mon, 1 May 2006, Dave Feustel wrote: > After looking at the slides for Loic Duffet's presentation > http://72.14.203.104/search?q=cache:y-G4z3W2zuQJ:www.cansecwest.com/slides06/csw06-duflot.ppt+%27Lo%C3%AFc+Duflot%27&hl=en&gl=us&ct=clnk&cd=1&ie=UTF-8 > on x86 hardware vulnerabilities at CanSecWest, > I'm wondering if *any* OS that allows the video card to > access PC memory can be 'rooted'. > > Is this a correct conclusion from Loic's presentation?
No. Think about who gets access to this memory to begin with and how the aperture driver modified this. > Is simply running run X windows sufficient to permit 'rooting' > of OpenBSD, or must the memory aperture of the video card > be non-zero as well? rooting is the wrong term, but yes. > What changes would have to be made to PC hardware > architecture to plug the security holes Loic has identified? off topic. -d
