Local root exploit in NVidia driver
Posted Oct 17, 2006 7:37 UTC (Tue) by beejaybee (guest, #1581)
In reply to: Local root exploit in NVidia driver by rsidd
Parent article: Local root exploit in NVidia driver
"who is endangered by a local root exploit? Only multi-user machines with untrusted users."
Not quite true. The point being that a hacker who can get into the system at all can escalate privilege via the exploit i.e. all systems are effectively multi-user.
Now there's no 100% effective defence against hackers (short of complete and permanent disconnection from the network), but this episode shows the insanity of installing closed source drivers on any system which ever has network access.
I'm not claiming that open source is 100% proof either (see above) but at least if an open source driver compromises you (a) it's at least partly your fault for misplacing trust in someone who's either incompetent or hostile, (b) a timely and effective fix is likely to be available.
Security by obscurity is not, never has been and never will be effective. MS Vista developers please note.
Posted Oct 17, 2006 11:29 UTC (Tue)
by hein.zelle (guest, #33324)
I'm sorry, but even though I am not happy with the closed nature of the nvidia drivers (being the owner of several of such cards) I think the above remark is a bit out of bounds.
Calling closed-source drivers on a system connected to the network "insanity" is rather overdone, I'd say. Apart from the fact that at least 80 percent of all computers ONLY run closed source drivers (which I suspect you indeed find insane :-), I don't see the big difference with other closed software. I'd like to see the count of LWN readers that don't have ANY closed source software on their machine, vs the amount of people that run google-earth, for instance. Why would a driver be any more dangerous than a piece of software that is used daily on the internet? I suspect the risk of getting your system broken into through a bug in a popular web browser is a lot higher than through a closed-source video driver.
I think the real issue is the fact that you have no control over bugfixes in closed-source software, be it a driver or something else. To many people that will not be acceptable, and to many others it will be as long as the manufacturer responds reasonably well to problems. From this article and the responses I'm neither convinced that NVidia is doing a very good job at it, nor that they are messing it up. It may be interesting to just ask them about it. I think it's only in NVidia's best interest to deal with the issue appropriately, and wouldn't be surprised if they became a bit more informative if told about the impression they've left behind.
Posted Oct 21, 2006 2:52 UTC (Sat)
by roelofs (guest, #2599)
Do you honestly not get that? A driver lives in kernel space--it's root already! With the possible exception of certain kinds of hardened kernels, there are very few things a driver can't do. If someone gets that far, they own your machine--period. And to get that far, all it takes is one unprivileged remote exploit--perhaps browser-based, perhaps email-based, perhaps in a web server or irc client or SSH daemon; you name it, if it involves the network, it's a potential hole.
So yes, the balance of danger between a driver and a piece of Internet software, each taken on its own, is unclear--one is local but basically infinitely powerful; the other is remote but of limited power. However, it's naive to imagine that the bad guys are going to limit themselves to just one or the other--or that you (or your distro provider) are going to know about all the holes they know about. Every chink in the armor is a stepping stone to the next level of penetration, and these days, two or three of them may very well be all it takes.
Greg
Posted Oct 21, 2006 19:43 UTC (Sat)
by hein.zelle (guest, #33324)
Apart from that I agree completely with your remark about every (unknown) vulnerability being one too many, I'm not trying to justify closed-source software with vulnerabilities in it. The point was about the original poster calling "closed source drivers" madness in general, which I think rather depends on the behaviour of the manufacturer. Although it's clearly not the case here, I could very well imagine a manufacturer that does deal properly with (un)disclosed vulnerabilities. Unfortunately the NVIDIA case isn't suggesting that about their behaviour, so far.
Posted Oct 17, 2006 12:30 UTC (Tue)
by rsidd (subscriber, #2582)
And the nvidia hole does what, exactly, to enable such a hacker?
Yes, back in the 1990s, a default install (from, say, Red Hat) would have twenty services running, ten of which would have remote holes. So you could assume that any system is effectively multi-user. Those days are gone (I would hope). If you're a desktop user, you shouldn't have any open ports.
Posted Oct 18, 2006 1:59 UTC (Wed)
by xoddam (subscriber, #2322)
> Now there's no 100% effective defence against hackers (short of complete
> and permanent disconnection from the network), but this episode shows
> the insanity of installing closed source drivers on any system which
> ever has network access.
Why would a driver be any more dangerous than a piece of software that is used daily on the internet?
Good point, I didn't think of that when I wrote that comment.
The point being that a hacker who can get into the system at all
... until you start your browser, that is.
No open ports on a desktop workstation
