Re: Another backdoor to secure mode

Aaron Ucko (UCKO@vax1.rockhurst.edu)
Wed, 24 Jul 1996 08:49:10 -0600 (CST)


>We all know back door number one: modules. There is another one: the
>IOPL and IOPERM system calls. If I am not wrong nothing impedes a
>privileged program from writing directly to disk with these calls. Of
>course it will need to know about disk handling and file system layout.

Correct.

>The problem is: X windows needs these calls, so if you forbid them in
>secure mode then bye bye X.

There are at least two solutions to this situation:
(1) GGI, the general graphics interface, puts a small amount of extra code
in kernel space so that programs using graphics (svgalib gam^H^H^Hprograms,
X servers, etc.) will no longer have to have special privileges. See the
GGI link on http://synergy.caltech.edu/ for more info.

(2) Ted Ts'o <tytso@mit.edu> and others are working on implementing POSIX.6
privileges for Linux (POSIX.6 is now POSIX.1g or something like that;
I don't remember the exact letter) under which even in the absence of GGI
you could specify that certain programs can be trusted with I/O port access.

Please note that (1) and (2) are not at all mutually exclusive; I for one
would like to see both fully implemented.

-- 
Aaron Ucko (ucko@vax1.rockhurst.edu; finger for PGP public key) | Geek Code
3.1 [for explanation, finger hayden@mankato.msus.edu]: GCS/M/S/C d- s+: a18
C++(+++)>++++ UL++>+++ P++(+++) L+++(++++)>+++++ E- W+(-) N++(+) o+ K- w---
O M-@ V-(--) PS++(+++) PE- Y+ PGP(+) t(+) !5 X-- R(-) tv-@ b++(+++) DI+ D--
G++(+++) e>+++++(*) h!>+ r-(--)>+++ y? | "That's right," he said. "We're
philosophers.  We think, therefore we am." -- Terry Pratchett, _Small Gods_
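
An added example, not part of the original message or of any project it names: an audit check for the two back doors discussed above (module loading and IOPL/IOPERM port access). It assumes a present-day Linux kernel, where those operations are gated by the capabilities CAP_SYS_MODULE and CAP_SYS_RAWIO and each process's effective set is shown as the CapEff hex mask in /proc/<pid>/status; none of that is stated in the post. The sample status text is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit numbers from <linux/capability.h> (assumption: modern Linux). */
#define CAP_SYS_MODULE 16 /* load kernel modules ("back door number one") */
#define CAP_SYS_RAWIO  17 /* iopl(2)/ioperm(2) port access */

#define BYPASS_MODULES 1
#define BYPASS_RAWIO   2

/* Find the "CapEff:" line in /proc/<pid>/status text and parse its hex mask.
 * Returns 0 on success, -1 if the field is missing or malformed. */
int parse_capeff(const char *status, unsigned long long *mask)
{
    for (const char *p = status; p && *p; ) {
        if (strncmp(p, "CapEff:", 7) == 0) {
            char *end;
            *mask = strtoull(p + 7, &end, 16);
            return end == p + 7 ? -1 : 0;
        }
        p = strchr(p, '\n');   /* advance to the start of the next line */
        if (p) p++;
    }
    return -1;
}

/* OR of BYPASS_* flags for the process, or -1 if CapEff cannot be read. */
int bypass_flags(const char *status)
{
    unsigned long long m;
    if (parse_capeff(status, &m) != 0) return -1;
    return (((m >> CAP_SYS_MODULE) & 1) ? BYPASS_MODULES : 0) |
           (((m >> CAP_SYS_RAWIO) & 1) ? BYPASS_RAWIO : 0);
}

/* Constructed sample status excerpts, not captured from a real system. */
const char *SAMPLE_ROOT = "Name:\tinsmod\nCapEff:\t000001ffffffffff\n";
const char *SAMPLE_X    = "Name:\tXserver\nCapEff:\t0000000000020000\n";
const char *SAMPLE_USER = "Name:\tbash\nCapEff:\t0000000000000000\n";

int main(void)
{
    const char *s[] = { SAMPLE_ROOT, SAMPLE_X, SAMPLE_USER };
    for (int i = 0; i < 3; i++)
        printf("sample %d: flags=%d\n", i, bypass_flags(s[i]));
    return 0;
}
```

A process that reports BYPASS_RAWIO alone corresponds to the case in point (2): a program trusted with I/O port access without holding every other root privilege.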