Re: FreeBSD Security Advisory FreeBSD-SA-06:25.kmem

看板FB_security作者時間19年前 (2006/12/07 02:15), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串9/10 (看更多)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Doesn't securelevel completely mitigate this even for root users anyway, if set? Setting securelevel denies raw access to disk devices and kmem in this way does it not? - -- Craig Edwards Dan Lukes wrote: > Colin Percival napsal/wrote: >>> A user in the "operator" group can read the contents of kernel memory. >>> Such memory might contain sensitive information, such as portions of >>> the file cache or terminal buffers. This information might be directly >>> useful, or it might be leveraged to obtain elevated privileges in some >>> way; for example, a terminal buffer might include a user-entered >>> password. - -- OpenPGP Key ID: 0x49B959F7 "Better to reign in Hell than to serve in Heaven" -- Milton -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFdwdqCd57Ikm5WfcRAmx9AKDCtIqEj5lREwepRoFfcnMJNGwixQCfQ3WI c34CNp+R5Zsgl/PyE32Qr0c= =lRB+ -----END PGP SIGNATURE----- _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 brain. 的文章
文章代碼(AID): #15TmYq00 (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 9 之 10 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共10篇)
更多 brain. 的文章
文章代碼(AID): #15TmYq00 (FB_security)