Date: Fri, 27 Feb 1998 14:31:26 -0800 From: Mike Smith <mike@smith.net.au> To: Eivind Eklund <eivind@yes.no> Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>, freebsd-security@FreeBSD.ORG Subject: Re: OpenBSD Security Advisory: mmap() Problem Message-ID: <199802272231.OAA29161@dingo.cdrom.com> In-Reply-To: Your message of "Fri, 27 Feb 1998 17:09:54 %2B0100." <19980227170953.30435@follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Fri, Feb 27, 1998 at 10:01:50AM -0500, Garrett Wollman wrote: > > <<On Thu, 26 Feb 1998 20:23:06 -0800, Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca> said: > > > > > crashes trying to access the VT. To get the XIG Accelerated X server > > > to work I've modified the patch to allow superuser to access to > > > character devices. > > > > The would be pointless. > > It'd kill the securelevel facility, but it would still remove the kmem > => root exploits. But it isn't good enough, I agree. Perhaps denying > the transition only when !(root || securelevel > -1) would be a > potential solution? It'd allow AccelX to keep working (AFAIK, it > won't work with securelevel > 0 anyway) and it would stop all real > violations I can think of The fundamental question still hasn't been answered; as Bruce asked, why are mmap operations on readonly character devices promoted to readwrite in the first place? -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802272231.OAA29161>