Hi Kees,
Thanks again!
I meant in general, a device driver has access to all of kernel memory.
Actually I am not aware of /dev/mem exploit; I will need to do some
research. : )
About AppArmor, it is ready to use? What profiles are available now?
Will there be any utilities?
Woei
-----Original Message-----
From: Kees Cook [mailto:kees@xxxxxxxxxx]
Sent: Monday, July 30, 2007 5:29 PM
To: Ng, Cheon-woei
Cc: ubuntu-server@xxxxxxxxxxxxxxxx
Subject: Re: About Ubuntu security
On Mon, Jul 30, 2007 at 05:15:34PM -0700, Ng, Cheon-woei wrote:
> Thanks for the excellent answers!
You're welcome! Your questions are forming the basis of my Ubuntu
security
FAQ, so really I should be thanking you. :)
> I also have a question on the kernel memory space security.
>
> Based on an experiment created by Mark Allyn (my college), if a device
> driver (like audio driver) is poorly written without boundary check, a
> user could exploits that security hole and can easily read or write to
> anywhere in the kernel memory space via an interface like /dev/audio.
>
> Is there any security features in Ubuntu that prevent such exploit? So
> far the only solution mentioned is to submit all device drivers for
> rigorous peers review.
Do you mean the /dev/mem interface, or that in general, device drivers
have access to all of kernel memory?
I am currently unaware of any in-kernel memory segmentation plans.
There are upstream plans to implement a form of stack-protection for
kernel functions, which should help minimize some attack vectors in
buggy drivers.
As for /dev/mem, I will need to check the state of progress. There are
no Ubuntu-specific changes that I know of, but I know there was work in
various upstreams (e.g. kernel and X.org) to deal with the identified
deficiencies with that interface.
-Kees
--
Kees Cook
|
