Date: Tue, 15 Sep 2009 13:27:03 -0700 From: Chris Palmer <chris@noncombatant.org> To: utisoft@googlemail.com, freebsd-security@freebsd.org Subject: Re: FreeBSD bug grants local root access (FreeBSD 6.x) Message-ID: <20090915202703.GF24361@noncombatant.org> In-Reply-To: <0016e6d99efa540b8b047399738b@google.com> References: <4AAF45B4.60307@isafeelin.org> <0016e6d99efa540b8b047399738b@google.com>
next in thread | previous in thread | raw e-mail | index | archive | help
utisoft@googlemail.com writes: > It appears to only affect 6.x.... and requires local access. If an > attacker has local access to a machine you're screwed anyway. No, the thing you're screwed anyway by is local *physical* access. Merely running a process as a non-root local user should *not* be a "you're screwed anyway" scenario. The fundamental security guarantee of a modern operating system is that different principals cannot affect each other's resources (user chris cannot read or write user jane's email -- let alone root's email). This bug breaks that guarantee, and is definitely not a ho-hum bug. Remote exploits, which I agree are even worse, are in a sense a special case of breaking the same guarantee: the pseudo-principal "anonymous maniac from the Internet" can affect user root's (or whoever's) resources. Some operating systems even have an explicit "anonymous" user, but the point is the same either way. -- http://www.noncombatant.org/ http://hemiolesque.blogspot.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090915202703.GF24361>