A software suspend decision point

Posted Nov 18, 2005 2:59 UTC (Fri) by brouhaha (subscriber, #1698)
Parent article: A software suspend decision point

Can't SELinux (which Fedora Core enables by default) be configured with appropriate security contexts so that only the user-space software suspsend program is allowed to write to /dev/kmem, but arbitrary code running as root cannot?

Without SELinux or something similar, if malware manages to run as root (possibly due to a privilege escalation exploit), you've already got VERY serious problems, and the inability to write to /dev/kmem doesn't restrict the malware's potential for wreaking havoc by very much.

And unless I'm missing something, blocking writes to /dev/kmem doesn't accomplish much unless you also block writes to /dev/mem. At one time there were a lot of things that wrote to /dev/mem, including the X servers; I don't know whether they still do. A few years ago I routinely used programs that wrote to /dev/mem to test various hardware under development, as well as a user-space ECC scrubbing program, but I haven't done either on Fedora.

Years ago I tried to push a suggestion to put special files in /proc/pci to allow access to PCI memroy regions, but a bunch of idiots thought that somehow that was MORE dangerous than writes to /dev/mem. Sigh.