Ed White wrote:
It seems XFree people disagree...
What a surprise.
Marc Aurele La France: Contrary to what too many security pundits think,
limiting root's power doesn't solve anything. Like bugs, security issues
will forever be uncovered, whether they be in setuid applications like an X
server or in a kernel itself. The trick, it seems, is to understand where to
properly fix them, instead of sowing workarounds all over the place...
( http://marc.theaimsgroup.com/?t=114735843400006&r=1&w=2 )
I think that's been agreed to many times by the OpenBSD developers: you can't
effectively limit root's ability to do "bad things", and pretending you did
is just fooling the good guys and making the bad guys giggle.
This isn't about root. Or at least, it shouldn't be. Except it is, because
of how much of the X code is doing root-like things.
Does the rest of this mean that XFree86 is about to launch a very careful and
on-going proactive code audit? Or were they just waving their hands and
saying, "Software will always have bugs, so no point in trying to do things
better"?
...and some Linux developers too...
Alan Cox: What it essentially says is "if you can hack the machine enough to
get the ability to issue raw i/o accesses you can get any other power you
want". Thats always been true. Using SMM to do this seems awfully hard
work.
( http://marc.theaimsgroup.com/?t=114735843200004&r=1&w=2 )
Well, we know THEY aren't planning a proactive code audit.
As Theo indicated, this SMM attack is only ONE of many ways X makes your
system less secure. The issue isn't root doing unpleasant things to your
system, the issue is a non-privileged user doing unpleasant things to your
system, which X helps facilitate.
Nick.
