FreeBSD Security Advisory FreeBSD-SA-06:25.kmem
Craig Edwards
brain at winbot.co.uk
Wed Dec 6 10:11:28 PST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Doesn't securelevel completely mitigate this even for root users anyway,
if set? Setting securelevel denies raw access to disk devices and kmem
in this way does it not?
- -- Craig Edwards
Dan Lukes wrote:
> Colin Percival napsal/wrote:
>>> A user in the "operator" group can read the contents of kernel memory.
>>> Such memory might contain sensitive information, such as portions of
>>> the file cache or terminal buffers. This information might be directly
>>> useful, or it might be leveraged to obtain elevated privileges in some
>>> way; for example, a terminal buffer might include a user-entered
>>> password.
- --
OpenPGP Key ID: 0x49B959F7
"Better to reign in Hell than to serve in Heaven" -- Milton
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFdwdqCd57Ikm5WfcRAmx9AKDCtIqEj5lREwepRoFfcnMJNGwixQCfQ3WI
c34CNp+R5Zsgl/PyE32Qr0c=
=lRB+
-----END PGP SIGNATURE-----
More information about the freebsd-security
mailing list