Local root exploit in NVidia driver
Posted Oct 21, 2006 2:52 UTC (Sat) by roelofs
In reply to: Local root exploit in NVidia driver
Parent article: Local root exploit in NVidia driver
Why would a driver be any more dangerous than a piece of software that is used daily on the internet?
Do you honestly not get that? A driver lives in kernel space--it's root already! With the possible exception of certain kinds of hardened kernels, there are very few things a driver can't do. If someone gets that far, they own your machine--period. And to get that far, all it takes is one unprivileged remote exploit--perhaps browser-based, perhaps email-based, perhaps in a web server or irc client or SSH daemon; you name it, if it involves the network, it's a potential hole.
So yes, the balance of danger between a driver and a piece of Internet software, each taken on its own, is unclear--one is local but basically infinitely powerful; the other is remote but of limited power. However, it's naive to imagine that the bad guys are going to limit themselves to just one or the other--or that you (or your distro provider) are going to know about all the holes they know about. Every chink in the armor is a stepping stone to the next level of penetration, and these days, two or three of them may very well be all it takes.
to post comments)