User: Password:
|
|
Subscribe / Log in / New account

Local root vulnerability in the kernel

Local root vulnerability in the kernel

Posted May 15, 2013 17:20 UTC (Wed) by faramir (subscriber, #2327)
In reply to: Local root vulnerability in the kernel by arjan
Parent article: Local root vulnerability in the kernel

>to a large degree, just about any kind of kernel bug is a security issue; to a large extent that's just the nature/role of the kernel.

I would mostly agree with this statement as well, but I would point out that one can subdivide "security issue" into different categories. Here are some possible categories:

1. Denial of service
2. Leaking of privileged information
3. Modification of privileged information
4. Privilege escalation
5. Loss of user data

I would aggregate 2, 3, and 4 into a single bucket because historically they have frequently been found to be equivalent. It seems to me that this was a #3 bug and (again given historical trends) should have been treated as if it was a #4 bug. It clearly wasn't.

Perhaps if kernel programmers attempted to classify bugs using something like the above categories and then treated ones that fell into the more sensitive buckets as if they were security problems, this kind of thing could be prevented. Under the current system, we seem to be assuming that all kernel programmers are also security experts and can accurately assess the security implications of all of their code/bug fixes. This seems a little too much to ask even of them.


(Log in to post comments)

Local root vulnerability in the kernel

Posted May 15, 2013 21:03 UTC (Wed) by drag (subscriber, #31333) [Link]

It's not all that honest all the time. Certainly that can be part of it, but it's Linux kernel policy to not bring attention to bugs like this.

This has been brought up many times before on lwn.net.

There are a lot of people working with a lot of companies that market their products as being rather secure. They often see a distinct advantage to not admitting to problems because that makes their products look better when people compare vulnerability lists on places like Secunia.

Local root vulnerability in the kernel

Posted May 21, 2013 1:54 UTC (Tue) by vonbrand (guest, #4458) [Link]

Kernel programmers haven't got the time, nor the training, to try and classify each patch (ranging from wording in a comment, code reorganization for clarity, up to new subsystems) into your four buckets (there are in fact hundreds of other buckets to consider).


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds