Local root exploit in NVidia driver
Posted Oct 16, 2006 22:43 UTC (Mon)
by AJWM (guest, #15888)
I've seen several references that Lonni Friedman, who authored the message linked to as the report on the beta fix, works in PR for Nvidia, although the email itself has a gmail address.
Since the source is closed, verifying the fix is kinda tough.
Myself, I run graphics hardware based on the latest chip for which ATI released the specs (9250), (Nvidia has never released specs) using open source drivers.
Posted Oct 16, 2006 23:09 UTC (Mon)
by drag (guest, #31333)
Thank goodness I got rid of my nvidia video card a while ago.
Hopefully the 'beta' drivers have the real fix. A lot of people should be already using them since they are supposed to support the AIGLX extensions compiz-related stuff.
Posted Oct 16, 2006 23:17 UTC (Mon)
by charris (guest, #13263)
Posted Oct 16, 2006 23:57 UTC (Mon)
by Ed_L. (guest, #24287)
Not commenting on drivers. (Fond hopes the native ati driver in FC6 supports xinerama or dual view on my x700 card notwithstanding :-)
Posted Oct 17, 2006 0:24 UTC (Tue)
by drag (guest, #31333)
I don't have a dual monitor setup anymore so I don't know if it's do-able.
http://librarian.launchpad.net/3024460/xorg.conf
------
On an unrelated-to-your-reply note
This Nvidia bug has been known since 2004. It took until July 2006 before Nvidia acknowledged it and they may or may not have fixed it with the beta release.
This thing is potentially a remote root exploit...
I remember similar issues being brought up about the state of wireless drivers for Windows and OS X. Linux is not invulnerable to those problems either when it comes to closed source wireless drivers.
Posted Oct 17, 2006 6:36 UTC (Tue)
by tajyrink (subscriber, #2750)
Posted Oct 17, 2006 1:23 UTC (Tue)
by cortana (subscriber, #24596)
Inspired by a prior Letter to the [LWN] Editor on this topic, I have written to NVIDIA to ask them to consider releasing their hardware specs, so that we can create a free software driver for our NVIDIA hardware.
It's a long shot, and I do not believe that my letter will effect a change in NVIDIA's policy by itself, but I do believe that letting NVIDIA know that some of their customers do want free drivers is a necessary first step toward the eventual release of the information that we need.
I ask that anyone who wants to see an end to NVIDIA's proprietary video drivers also let them know that you care about this issue.
Posted Oct 17, 2006 1:37 UTC (Tue)
by einstein (subscriber, #2052)
I would hate to see an end to nvidia's drivers, as they are currently the best video drivers available for linux at any price. I'd love it if there was any OSS driver that could match the nvidia performance, but it's just not the case at present. Let's at least admit that these nvidia people do know a thing or two about graphics programming.
And let's not kid ourselves, we've seen vulnerability reports every week for various open source programs, libraries and drivers. It's a bit ironic that the one time it's the nvidia driver, we hear all the comments about the evils of closed drivers - the fact that it's already fixed makes no odds to these folks, I suppose.
* See the release notes for the 1.0-9626 driver - which I'm running at present
Posted Oct 17, 2006 3:03 UTC (Tue)
by drag (guest, #31333)
Nothing in the Nvidia changelog mentioned anything about the offending bug.
The only thing we know is that the exploit code in its current form probably will not work. The nvidia devs didn't mention anything until after this stuff had been made public and we don't know if they closed the hole or not.
The statement looks a lot more like damage control than like a company actually concerned about fixing a security problem.
The shocker is the length of time it's taken for this problem to be really made public. The issue has been around since 2004 and it wasn't until July 2006 until a nvidia developer in their forums acknowledged it was a problem and gave it a bug report number.
As for the quality of OSS drivers...
The OSS developers haven't really been given a chance to show what they can or cannot do. With the Intel stuff they have to sign NDAs so only a small number of developers are working on it, but the results are actually pretty nice so far.
I would expect that developers working from within Nvidia with direct access to any and all documentation and having the developer's ear have a bit of an unfair advantage compared to developers that have Nvidia and ATI actively working AGAINST them making drivers and forcing them to reverse engineer the drivers.
I think that the fact that R300 DRI drivers work nearly as well as they do is a testament to the fact that F/OSS developers CAN write good 3d drivers. Sure they are slow and have limited features, but nonetheless they work and are stable. I think that this is quite an achievement considering that they are made from reverse engineering stuff.
Posted Oct 17, 2006 7:15 UTC (Tue)
by nhippi (subscriber, #34640)
I hate binary drivers as much as the next guy, but you are not being fair here.
The 2004 report was on xorg bugzilla, but it wasn't reported against nvidia drivers, instead against org/Server/General. An nvidia (proprietary) section was added later to xorg bugzilla, but nobody took the time to dig through bugzilla to search for what to reassign to that category.
Nobody reported or tagged it as a security issue until recently.
When it was reported to nvnews forums nvidia started promptly working on it.
It was rather a fault of the bug reporting process than evidence of the evilness of proprietary application development. People who report bugs are lost - they don't know where to report, how to give all the information developers need and so on. Developers hate administrative tasks such as digging through and reassigning bugs in bugzilla.
Posted Oct 17, 2006 8:12 UTC (Tue)
by nim-nim (subscriber, #34454)
> I hate binary drivers as much as the next guy, but you are not being fair
> The 2004 report was on xorg bugzilla, but it wasn't reported against nvidia
And remind us again why nvidia was not reading xorg bugzilla in 2004?
... right, out-of-tree binary drivers and development team dissociated from the FOSS community
Posted Oct 26, 2006 13:46 UTC (Thu)
by jond (subscriber, #37669)
Posted Oct 17, 2006 3:52 UTC (Tue)
by dang (guest, #310)
Posted Oct 17, 2006 3:53 UTC (Tue)
by rqosa (subscriber, #24136)
> And let's not kid ourselves, we've seen vulnerability reports every week for various open source programs, libraries and drivers.
But those vulnerabilities usually get fixed faster.
Posted Oct 17, 2006 4:22 UTC (Tue)
by bignose (subscriber, #40)
I hate to see all that good knowledge locked up inside a proprietary driver, and want an end to their proprietary nature.
> I'd love it if there was any OSS driver that could match the nvidia
I'd love it if any proprietary driver was independently auditable and openly documented like *all* free software drivers. But that's just not the case.
> Let's at least admit that these nvidia people do know a thing or two
I freely admit that nvidia people know a thing or two about graphics programming. I don't see any necessary connection with "knowing a thing or two about graphics programming" and "unable to release information needed for free software drivers".
> And let's not kid ourselves, we've seen vulnerability reports every week
That's a good thing, because those vulnerabilities are revealed very soon after they're discovered. Security vulnerabilities in non-free software are treated as a PR problem, and are covered up for as long as the holder can get away with it.
> the fact that it's already fixed
How can we know it's fixed at all? The only people who can say anything about that have a direct interest in not letting anyone know of any problems.
A free-software driver can be independently verified when it gets fixed, by people who have a direct interest in finding remaining problems. Not so for non-free drivers.
Posted Oct 17, 2006 5:12 UTC (Tue)
by elanthis (guest, #6227)
By "just not the case" I assume you must be referring to all free software drivers being openly documented and independently auditable. A great many drivers, graphics/X drivers and otherwise, are either filled with black voodoo that nobody but the author understands (and who is under NDA) or functions as little more than a loading mechanism to push a binary blob of firmware to the hardware.
Posted Oct 17, 2006 5:59 UTC (Tue)
by bignose (subscriber, #40)
Then those drivers are also non-free.
Yes, many such drivers are mistakenly distributed under the GPL or other free software licenses. While a free software license is necessary to make the software free, it's not sufficient. Software for which the source code is not freely distributable is non-free.
Posted Oct 17, 2006 16:15 UTC (Tue)
by smoogen (subscriber, #97)
I wonder what drivers are truly free in the sense that is wanted by people. My experience is that a lot of the voodoo with hardware starts with the manufacturer who found what values worked for them and have no idea what happens if you change bit 37 to 1 beyond it blew up Jo in testing's monitor.
Posted Oct 17, 2006 5:53 UTC (Tue)
by AJWM (guest, #15888)
What part of "root exploit" did you miss? That automatically disqualifies them from even running for "best video driver".
> Let's at least admit that these nvidia people do know a thing or two about graphics programming.
Okay, these Nvidia people know a thing or two about graphics programming. (Of course, it helps that they have access to the specs and nobody else does). Apparently they don't know much about secure programming or preventing buffer overflows.
> it's already fixed
How do you know it's fixed? Do the release notes specifically mention a fix for a root exploit? Did you review the source code? Oh, wait...
Posted Oct 17, 2006 6:22 UTC (Tue)
by cate (subscriber, #1359)
Performance is not a valid reason to qualify "best driver". It is simpler to ignore some races and some cases to gain a lot of performance, but in the end it is not correct in some cases, then you will have some crash or lock every day/week/month/year? I prefer "safe" over "performance"
Posted Oct 17, 2006 9:47 UTC (Tue)
by NAR (subscriber, #1313)
I seem to recall that even Debian servers were compromised by a previously unknown local root exploit based on a kernel bug - and probably the kernel gets the most peer review, so the situation could be only worse for other projects. Anyway, I believe that the number of critical bugs does not depend directly on the methodology of development, it depends on the skill of the developers and their deadlines.
Posted Oct 17, 2006 10:04 UTC (Tue)
by cate (subscriber, #1359)
Linux has specialized people with good kernel skills in design, features and common problems. Unfortunately the hardware designers lack people with in-depth knowledge. (Maybe "our" editor's books help to fill the gap)
Anyway there are a lot of security problem in a lot of open source programs. And I think for a cultural reason.
Posted Oct 17, 2006 14:39 UTC (Tue)
by ajross (guest, #4563)
"nvidia's drivers, as they are currently the best video drivers available for linux at any price."... This is an apples-to-oranges argument. The NVIDIA drivers
are "best" to some folks because they are fast, stable, and
very featureful. They are the only drivers available
under linux that have the features (OpenGL extensions & 2.0
shaders) you get with the windows drivers, period. To people
doing 3D development under linux (most of us at
www.flightgear.org, for example), they are honestly the only
reasonable choice. Bugs in the ATI and x.org drivers appear
regularly. There's a very common one right now (we see it
routinely on IRC, not sure which distros are affected) where
trying to run an indirect GL client when an improper xorg.conf
setup causes a client crash.
People not doing 3D development don't likely care about
the output of glxinfo and just want their 2D desktop and the
occasional (pre-compiled and tested by someone else) 3D program
to be stable and work. These folks can get acceptable use out of
the existing free drivers. But to pretend that that makes
them "just as good" as the NVIDIA drivers is a little delusional.
They aren't.
Now, does that make it "OK" that NVIDIA's drivers are
non-free, or excuse the root hole? Of course not. But please
don't confuse the issue by arguing two things at the same time.
NVIDIA's drivers have features that some of us need, and
that are simply not yet available from free software.
Posted Oct 17, 2006 16:00 UTC (Tue)
by AJWM (guest, #15888)
Horsepucky. The open source ati drivers are just fine for running flightgear, and as far as development goes, it doesn't matter what graphics you have for compiling. Might make a slight difference if you're building models, but I doubt it.
I will freely admit that you do need a decent 3D card and drivers to run FlightGear -- I replaced my ancient generic PCI video card (1 frame per second) with an ATI 9250-based, 256MB AGP card (typically about 40 fps, higher at night ;-), with everything else the same) for that very reason.
> NVIDIA's drivers have features that some of us need,
Need? Really? Want, perhaps. Especially if you're doing development rather than running applications -- fast compilers aside, developers (of mass audience apps) shouldn't be targeting bleeding edge hardware, it skews their perspective. Come up with creative solutions to make the app fast/dazzling/whatever on mediocre hardware and you'll make more people happy. (Personally as far as FlightGear goes, I'd just as soon see less effort spent on making clouds look more real, and more done on making the scenery look more like the places I've actually flown, or at least make the documentation better so that I can figure out how to incorporate photos into the scenery myself. Although to be honest I haven't spent a lot of time on that yet.)
Posted Oct 17, 2006 1:44 UTC (Tue)
by elanthis (guest, #6227)
Posted Oct 17, 2006 6:04 UTC (Tue)
by AJWM (guest, #15888)
I wonder how much (if, of course, any) of that relates to possible agreements with Microsoft over information needed to tune the cards for DirectX.
I could see where Microsoft is happy to lend technical help on developing DirectX compatible hardware and drivers .. so long as none of that information is given to developers of drivers for other platforms. Not that those developers would care about DirectX, but it's simpler to just say "no" to releasing any specs than to carefully filter through the stuff and only release what you're not under an NDA to Microsoft for.
(Sure, NDAs to upstream hardware vendors may be important too, but there's only one 900 pound gorilla at the party.)
Posted Oct 17, 2006 15:25 UTC (Tue)
by elanthis (guest, #6227)
Far more likely it's just a few chips used, ranging from anything from the memory controller to the DAC chips to the PCI/AGP bridge to whatever, which are necessary components of making the card operate but to which NVIDIA isn't allowed to release specs.
There may also literally be IP in NVIDIA's custom chips that they can't release, such as information on how to drive a proprietary, licensed compression engine, video decoder, or whatever.
NVIDIA may be capable of releasing some specs, but those specs may very well be too incomplete and/or organizing all those documents when NVIDIA has little to gain from it other than some half-functional open source drivers might be considered too much effort. Who knows, maybe they could even face legal action if they release docs to only their chips, as that would essentially be saying, "hey community, here's our stuff, now go and reverse engineer our upstream vendors' hardware, which'll be a little easier now that we showed you the shape of hole those components fit into."
Honestly, I think it's best to just stop asking NVIDIA to open their drivers, and if openness is important to you, then use a competing product. Intel's drivers are (almost) open, and the OpenGraphics project might actually release something someday. There's always older ATI cards, too.
Posted Oct 18, 2006 9:38 UTC (Wed)
by xav (guest, #18536)
Posted Oct 17, 2006 6:47 UTC (Tue)
by rsidd (subscriber, #2582)
Posted Oct 17, 2006 7:29 UTC (Tue)
by xoddam (subscriber, #2322)
Apparently a malicious web page can cause the X server to crash the
Web browsers and other network-connected applications run as local X
Posted Oct 17, 2006 7:37 UTC (Tue)
by beejaybee (guest, #1581)
Not quite true. The point being that a hacker who can get into the system at all can escalate privilege via the exploit i.e. all systems are effectively multi-user.
Now there's no 100% effective defence against hackers (short of complete and permanent disconnection from the network), but this episode shows the insanity of installing closed source drivers on any system which ever has network access.
I'm not claiming that open source is 100% proof either (see above) but at least if an open source driver compromises you (a) it's at least partly your fault for misplacing trust in someone who's either incompetent or hostile, (b) a timely and effective fix is likely to be available.
Security by obscurity is not, never has been and never will be effective. MS Vista developers please note.
Posted Oct 17, 2006 11:29 UTC (Tue)
by hein.zelle (guest, #33324)
I'm sorry, but even though I am not happy with the closed nature of the nvidia drivers (being the owner of several of such cards) I think the above remark is a bit out of bounds.
Calling closed-source drivers on a system connected to the network "insanity" is rather overdone, I'd say. Apart from the fact that at least 80% percent of all computers ONLY run closed source drivers (which I suspect you indeed find insane :-), I don't see the big difference with other closed software. I'd like to see the count of LWN readers that don't have ANY closed source software on their machine, vs the amount of people that run google-earth, for instance. Why would a driver be any more dangerous than a piece of software that is used daily on the internet? I suspect the risk of getting your system broken into through a bug in a popular webbrowser is a lot higher than through a closed-source video driver.
I think the real issue is the fact that you have no control over bugfixes in closed-source software, be it a driver or something else. To many people that will not be acceptable, and to many others it will be as long as the manufacturer responds reasonably well to problems. From this article and the responses I'm neither convinced that NVidia is doing a very good job at it, nor that they are messing it up. It may be interesting to just ask them about it. I think it's only in NVidia's best interest to deal with the issue appropriately, and wouldn't be surprised if they became a bit more informative if told about the impression they've left behind.
Posted Oct 21, 2006 2:52 UTC (Sat)
by roelofs (guest, #2599)
Do you honestly not get that? A driver lives in kernel space--it's root already! With the possible exception of certain kinds of hardened kernels, there are very few things a driver can't do. If someone gets that far, they own your machine--period. And to get that far, all it takes is one unprivileged remote exploit--perhaps browser-based, perhaps email-based, perhaps in a web server or irc client or SSH daemon; you name it, if it involves the network, it's a potential hole.
So yes, the balance of danger between a driver and a piece of Internet software, each taken on its own, is unclear--one is local but basically infinitely powerful; the other is remote but of limited power. However, it's naive to imagine that the bad guys are going to limit themselves to just one or the other--or that you (or your distro provider) are going to know about all the holes they know about. Every chink in the armor is a stepping stone to the next level of penetration, and these days, two or three of them may very well be all it takes.
Greg
Posted Oct 21, 2006 19:43 UTC (Sat)
by hein.zelle (guest, #33324)
Apart from that I agree completely with your remark about every (unknown) vulnerability being one too many, I'm not trying to justify closed-source software with vulnerabilities in it. The point was about the original poster calling "closed source drivers" being madness in general, which I think rather depends on the behaviour of the manufacturer. Although it's clearly not the case here, I could very well imagine a manufacturer that does deal properly with (un)disclosed vulnerabilities. Unfortunately the NVIDIA case isn't suggesting that about their behaviour, so far.
Posted Oct 17, 2006 12:30 UTC (Tue)
by rsidd (subscriber, #2582)
And the nvidia hole does what, exactly, to enable such a hacker?
Yes, back in the 1990s, a default install (from, say, Red Hat) would have twenty services running, ten of which would have remote holes. So you could assume that any system is effectively multi-user. Those days are gone (I would hope). If you're a desktop user, you shouldn't have any open ports.
Posted Oct 18, 2006 1:59 UTC (Wed)
by xoddam (subscriber, #2322)
Posted Oct 17, 2006 9:19 UTC (Tue)
by job (guest, #670)
Posted Oct 17, 2006 10:15 UTC (Tue)
by drag (guest, #31333)
It's trivial to 'compromise' a user account by tricking them to run a malicious program. A Linux virus is rare, but it's not difficult to make and easy to embed into existing binaries.
Even a simple bash script can nail a user.
However it's easy to recover from something like that. You just log in as root and bingo! you can find and delete the programs very easily. Nothing is safe from root.
If push comes to shove:
However if you add on top of that a local root exploit... Then all of a sudden the best course of action to recover the machine is to format and reinstall.
And I am dead serious about it. It's possible to find and uninstall a root kit, but it's not possible to know everything they did to your computer. It's not worth the time and hassle it would take to clean out a machine. Format and reinstall is the best answer to a compromised machine with a local root hole.
"Report" of fix unclear
The reported fix in beta versions is a fix for a bug causing a driver crash. The release notes do not specifically mention the exploit. The beta may or may not fix the exploit, independent test results are not in.
"Report" of fix unclear
I got my Intel GMA950 and my ATI x800 that run open source drivers.
"Report" of fix unclear
The beta drivers also need to be unpacked and modified for the latest fedora 6 kernels. The kernel include file config.h no longer exists.
"Report" of fix unclear
To be fair, I believe Lonnie Friedman works the Linux thread on Nvidia's support forum. In that respect he is part of Nvidia PR. But he is also a highly competent and helpful support engineer.
"Report" of fix unclear
The open source ATI driver _should_ support it, unless there is some bug that prevents it from happening, I think.
What people need to realise is that with Linux you can't depend on closed source drivers to keep your system secure and stable.
"Report" of fix unclear
My PCI-E X800 has working dual monitor output with the "radeon" driver ("ati" is just a wrapper, but has problems understanding that the card is not ATI Mach64...), no problem. Haven't checked for a while if all my MergedFB, MetaModes and CRT2HSync/CRT2VRefresh -options are actually even absolutely required, but I just followed some instructions originally.
Write to NVIDIA
Write to NVIDIA
> I ask that anyone who wants to see an end to NVIDIA's proprietary video drivers also let them know that you care about this issue.
Write to NVIDIA
There is no way to know it's fixed.
Some perspective for the timeline..
> The shocker is the length of time it's taken for this problem to be really made public. The issue has been around since 2004 and it wasn't until July 2006 until a nvidia developer in their forums acknowledged it was a problem and gave it a bug report number.
Some perspective for the timeline..
>> The shocker is the length of time it's taken for this problem to be really
>> made public. The issue has been around since 2004 and it wasn't until July
>> 2006 until a nvidia developer in their forums acknowledged it was a problem
>> and gave it a bug report number.
> here.
> drivers, instead against org/Server/General.
Some perspective for the timeline..
The distributions only switched to X.org from XFree86 in mid-2004 (Debian's first release with X.org instead of XFree86 is due /this/ December). It is hardly surprising that Nvidia wasn't reading every bug in the X.org bugzilla before the dust had settled.
Write to NVIDIA
No irony about it. It isn't the *fact* that there is a bug. Every bit of software has bugs. It isn't even that it is a bug of high severity. Rather it is that apparently the bug of the highest severity was known and neither acknowledged nor fixed for so very long. Whatever one thinks about binary drivers, one can't well like this sort of lapse in responsibility.
Write to NVIDIA
Write to NVIDIA
> I would hate to see an end to nvidia's drivers, as they are currently the
> best video drivers available for linux at any price.
> performance, but it's just not the case at present.
> about graphics programming.
> for various open source programs, libraries and drivers.
Write to NVIDIA
"I'd love it if any proprietary driver was independently auditable and openly documented like *all* free software drivers. But that's just not the case."
Write to NVIDIA
> A great many drivers, graphics/X drivers and otherwise, are either filled
> with black voodoo that nobody but the author understands (and who is under
> NDA) or functions as little more than a loading mechanism to push a binary
> blob of firmware to the hardware.
What drivers are truly Libre?
Write to NVIDIA
> nvidia's drivers, as they are currently the best video drivers available for linux at any price.
Write to NVIDIA
The open source programs have more security advisories because people check the sources and send bug reports. It is rare to find an exploit before upstream fixes bugs. In closed source you will have only the latter category.
The open source programs have more security advisories because people check the sources and send bug reports. It is rare to find an exploit before upstream fixes bugs.
Write to NVIDIA
Write to NVIDIA
The exploit of the Debian servers, IIRC, was two kernel bugs. IIRC one was discovered with forensics of the Debian exploit. So I agree, open source also has zero-day exploits.
But IIRC there were some studies about drivers, and the majority of binary drivers were coded in a very very bad manner (and not only Linux drivers).
Check gallery, one of the most used web photo galleries. The FAQ tells you to chmod 0777 all the files in the gallery distribution!!!
Write to NVIDIA
"What part of "root exploit" did you miss? That automatically disqualifies them from even running for "best video driver"."...
"Performance is not a valid reason to qualify "best driver"."...
Write to NVIDIA
> To people doing 3D development under linux (most of us at www.flightgear.org, for example), they are honestly the only reasonable choice.
Write to NVIDIA
As told by NVIDIA, releasing hardware specs is a legal minefield. Quite often there are hardware components which NVIDIA uses but for which they themselves do not have the right to release the specs for. Whether that's the truth is another story, but the OpenGraphics project stuff I've read seems to indicate that it is indeed a problem. It just isn't cost effective to develop everything yourself when you can use 3rd party components, but those components often have quite restrictive contracts and licenses.
Write to NVIDIA
> As told by NVIDIA, releasing hardware specs is a legal minefield.
Write to NVIDIA
I doubt it's that complex.
Write to NVIDIA
> As told by NVIDIA, releasing hardware specs is a legal minefield. Quite often there are hardware components which NVIDIA uses but for which they themselves do not have the right to release the specs for.
Whatever. They can just as well release an OSS driver without the sensible parts, or even incomplete specs. That will be waaay more than what they do today, and would enable developing a good driver in no time, I'm sure.
Local root exploit in NVidia driver
I seem to be missing something here, but -- with everyone wailing about how NVidia's closed-source driver endangers them -- who is endangered by a local root exploit? Only multi-user machines with untrusted users. So don't run NVidia drivers on such machines. In many cases, X may not be needed at all, and if it is needed, use vesa or the free nv driver. In what situation will one need to give untrusted users 3D acceleration?
Root is just gravy
> who is endangered by a local root exploit?
> Only multi-user machines with untrusted users.
kernel by exploiting the nvidia driver bug, without even compromising the
browser first.
clients on most workstations. Compromise the browser and you've already
compromised the user. Root is just gravy.
Local root exploit in NVidia driver
"who is endangered by a local root exploit? Only multi-user machines with untrusted users."
Local root exploit in NVidia driver
> Now there's no 100% effective defence against hackers (short of complete
> and permanent disconnection from the network), but this episode shows
> the insanity of installing closed source drivers on any system which
> ever has network access.
Why would a driver be any more dangerous than a piece of software that is used daily on the internet?
Local root exploit in NVidia driver
Local root exploit in NVidia driver
Good point, I didn't think of that when I wrote that comment.
The point being that a hacker who can get into the system at all
Local root exploit in NVidia driver
No open ports on a desktop workstation
... until you start your browser, that is.
Local root exploit in NVidia driver
There is also the issue of detection. It's a lot harder to detect a rootkit than some spyware or a keysniffer running as the local user. Of course, your data could still be toast, but botnets and spyware are so much more common these days.
Local root exploit in NVidia driver
Yes exactly.
rm -rf /home/luser
will do nicely.
