Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758204AbXIGPef (ORCPT ); Fri, 7 Sep 2007 11:34:35 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1757469AbXIGPe0 (ORCPT ); Fri, 7 Sep 2007 11:34:26 -0400 Received: from mail.fieldses.org ([66.93.2.214]:35295 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757089AbXIGPeZ (ORCPT ); Fri, 7 Sep 2007 11:34:25 -0400 Date: Fri, 7 Sep 2007 11:34:08 -0400 To: Trond Myklebust Cc: Satyam Sharma , Jan Engelhardt , Linux Kernel Mailing List Subject: Re: NFS4 authentification / fsuid Message-ID: <20070907153408.GG24638@fieldses.org> References: <1188484155.6755.38.camel@heimdal.trondhjem.org> <1188484337.6755.41.camel@heimdal.trondhjem.org> <1188486240.6755.51.camel@heimdal.trondhjem.org> <20070830214431.GF10808@fieldses.org> <20070906151118.GB28565@fieldses.org> <1189120910.6672.30.camel@heimdal.trondhjem.org> <1189121572.6672.36.camel@heimdal.trondhjem.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1189121572.6672.36.camel@heimdal.trondhjem.org> User-Agent: Mutt/1.5.16 (2007-06-11) From: "J. Bruce Fields" Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 994 Lines: 23 On Fri, Sep 07, 2007 at 01:32:52AM +0200, Trond Myklebust wrote: > Sorry. Of course, you have to copy the entire /lib, etc. onto the tmpfs, > but you get the gist.... > > The point is that it is easy to subvert userspace if you have enough > privileges. In the above example it may not be entirely undetectable, > but who here is running a script on every login to check that / is > indeed uncompromised? I suppose this is the motivation for things like the "secure attention key"? But I'm most curious actually about to what degree the kernel itself is vulnerable to root (without a reboot). Is disabling /dev/kmem and module-loading in theory enough? (Modulo bugs like filesystems that aren't secure against untrusted filesystems, etc.) --b. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/