[cap-talk] "Security Issues related to Pentium System Management Mode"
Wes Felter
wmf at austin.ibm.com
Thu May 4 12:04:27 EDT 2006
On May 3, 2006, at 8:09 PM, Jed at Webstart wrote:
>
> When discussing a sample exploit against OpenBSD the author says
> (pg. 32):
>
> "We assume that an attacker has found a way to
> execute code with superuser privileges."
>
> Isn't that a bit extreme? Is that perhaps because the X Server
> must execute with superuser privileges?

Yes, this is a weird attack. For example, on Linux or XP a superuser
could load a kernel module, which would be much easier than this attack.

Most X servers run as root because the graphics driver is in
userspace and needs to access the hardware. Putting the driver in the
kernel or in a separate process might improve things.

I assume AMD processors implement SMM, so they would be equally
vulnerable to this (pointless) attack.
Wes Felter
Power-Aware Systems Department
IBM Austin Research Lab
11400 Burnet Road, Austin, TX 78758
Tel 512-838-7933