Re: Security Hole?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: James H. Cloos Jr.: "NFS in 1.3.70 not yet quite right"
• Previous message: Stephen Lee: "Re: RFC: Resource Management"
• Maybe in reply to: Andrew Mileski: "Security Hole?"
• Next in thread: Michael Weller: "Re: Security Hole?"

> Wanted to get some EXPERT opinion on this...
>
> I've noticed that the linux kernel allows anyone to freely
> request/release IRQ, DMA, and I/O. Is this a security

Are these functions really available to user processes? I think only
kernel drivers should be able to use them. Otherwise you would have
to track the owner (PID).

> hole, or am I missing something that only allows root to
> do these things?
>
> I was considering giving each resource region a uid, with
> only root or the owner being allowed to change that region.
> Originally I was going to use the devname, but this is not
> secure enough, and things like the serial drivers might
> not like that.

I think PID would be more secure than UID, but usually UID is the
way.

>
> Is it necessary to add anything for security? Or should
> the status quo be maintained?
>
> -- Andrew E. Mileski --
>
> -------------------------------------------------------
> Located in Canada's Capital: Ottawa! (EST)
> mailto:dmtech@magi.com http://www.magi.com/~dmtech/
>
>

• Next message: James H. Cloos Jr.: "NFS in 1.3.70 not yet quite right"
• Previous message: Stephen Lee: "Re: RFC: Resource Management"
• Maybe in reply to: Andrew Mileski: "Security Hole?"
• Next in thread: Michael Weller: "Re: Security Hole?"