LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

"Protected" -- for how long?

"Protected" -- for how long?

Posted Apr 17, 2009 9:44 UTC (Fri) by hppnq (subscriber, #14462)
In reply to: "Protected" -- for how long? by spender
Parent article: The details on loading rootkits via /dev/mem

The STRICT_DEVMEM design and implementation is not without discussion among kernel developers. Unlike with other systems, the Linux kernel development process allows turds as well as gems to be entered into mainline without them being polished completely. That's the way it works. You see this a lot where people are cooperating.

Of course this has benefits as well as downsides, but you seem to be hinting that this must mean that Linux systems are unsafe, or less safe than they need be. This would very obviously not be true, for the simple reason that unauthorized access to /dev/mem is not completely dependent on a sane implementation of STRICT_DEVMEM. Or it should not be.

In your quoting you seem to miss one important part of Linus' point of view: that it may be a good idea to simply fix all bugs instead of singling out a certain class of them as being more important by nature.

Borrowing your logic: if there is a flaw in the implementation of STRICT_DEVMEM, there is also a flaw in the published attack. I think that demonstrates nicely how the process works.

(Log in to post comments)

"Protected" -- for how long?

Posted Apr 22, 2009 23:25 UTC (Wed) by dersteppenwolf (subscriber, #58226) [Link]

"Unlike with other systems, the Linux kernel development process allows turds as well as gems to be entered into mainline"

This would be great marketing tagline for Red Hat. But I hope you realize the flawed logic behind this reasoning. Let's imagine for a second that PaX was a turd, and ExecShield a gem, or viceversa (depending on your touch with reality and experience on security matters and system internals). Why the integration of some of the PaX features was never considered for mainline?

I'm not talking about the segmentation-based approach to NX, which could have understandable drawbacks for inclusion. But, what about the other gazillion advances PaX has implemented a decade ago and everyone has been slowly, but steadily plagiarizing? (yes, you read that right: plagiarizing. The act of copying someone else's work without giving proper credit or obscuring it for one's self promotion).

Further more, "Linux systems are unsafe, or less safe than they need be" implies you mix an objective sense of security with your perceived one. Let's say that the child pornography collection of some pedophile in Thailand does not have the same security impact as the manuals for operating a military beacon. And I agree, but the problem is that Linux is unsafe because of managerial decisions taken by people who don't have the necessary background, understanding and acumen to make them. Just because Linus is a demigod among hippies does not make him a kernel security nutcase.

I won't go into greater depths to demonstrate that your logic is the actual flawed one, besides the seemingly sheer power you have for squeezing a handful ad hominem fallacies in such a short text.

Linux, so good it smells. If you drink the koolaid, it might go away.

"Protected" -- for how long?

Posted Apr 24, 2009 14:50 UTC (Fri) by hppnq (subscriber, #14462) [Link]

This would be great marketing tagline for Red Hat.

Even though in this very first sentence you reveal that 1) you do not understand the Linux kernel development process, 2) you do not understand the Red Hat business model and 3) you did not understand my comment, you still managed to surprise me with the rest of your comment.

"Protected" -- for how long?

Posted Apr 27, 2009 17:36 UTC (Mon) by dersteppenwolf (subscriber, #58226) [Link]

You are right, I don't really understand the business model behind Red Hat. It's quite a challenging thing to understand how a corporation gets away with making a profit from the work of helpful and altruist volunteers world-wide.

And in a similar path of reasoning, I don't understand how Linux (especially 2.6) could end up being used in a corporate environment. With all due respect, it's a theme park version of an operating system core. The rollercoaster gives you a huge thrill, but you throw up anyway.

Regarding your comment, It was indeed pretty awesome, man.

"Protected" -- for how long?

Posted Apr 27, 2009 23:58 UTC (Mon) by nix (subscriber, #2304) [Link]

Thus speaks someone who's never seen high-end financial software used to
throw umpty-trillions around the world.

Believe me, Linux is a glittering icon of perfection next to most of
*that* appalling grot. (I don't even need to mention the major settlement
system whose core was for many years an umpty-thousand-line shell
script... but I'm going to anyway because I want to make you feel as ill
as I do.)

"Protected" -- for how long?

Posted Apr 28, 2009 3:07 UTC (Tue) by dersteppenwolf (subscriber, #58226) [Link]

Thanks for giving me cancer. Can we get back to discussing why Linux is flawed because their developers choose it to be that way? Even goddamn Vista is safer at the moment. That's kind of a shame.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds