Re: Drivers, Hardware, and their relationship to Bagels.

Myrddin Ambrosius (imipak@yahoo.com)
Tue, 18 Jun 2002 11:35:15 -0700 (PDT)


--- "Richard B. Johnson" <root@chaos.analogic.com>
wrote:
> No hole you can drive through. A process with a UID
> of 0 and
> a GID of 0 can do anything it wants. It can execute
> iopl(3)
> and set an I/O permission level that allows it to
> directly access
> hardware I/O ports, etc. It can also turn off
> interrupts. Basically,
> it can do anything, since such a process can also
> memory-map anything.

But since it is the kernel that permits that (by
definition, since somebody has to check the UID & GID!
:) then the kernel can also restrict that.

The system admin account (UID/GID 0) could just as
easily access a virtual memory map, virtual I/O ports,
etc, with the kernel then handling how that maps onto
the physical world, and even IF it does.

> Users are not supposed to execute as 'root'. Also,
> only certain
> privileged tasks execute as root. Ignore that this

The problem with privileged tasks is that (in general)
they run with absolute privilege. Sure, some of these
privileges can be turned off, but if /dev/mem is
reachable, then they can be turned back on again,
precisely for the reasons you give.

I guess that my understanding for having kernels the
size and complexity of Linux, as opposed to, say,
CP/M, is that the kernel can reduce the need for
userspace apps to have dangerous powers.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
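
Added example, not part of the original message or of the kernel source: on current Linux kernels the restriction argued for above exists as capabilities, and iopl(3) and opening /dev/mem require CAP_SYS_RAWIO even for UID 0. The sketch below reads the CapEff and CapBnd masks from /proc/<pid>/status to show whether a root process can reach raw I/O now and whether execve() could hand it back; the sample status text and the helper names are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_BIT_SYS_RAWIO 17   /* CAP_SYS_RAWIO in <linux/capability.h> */

/* Constructed sample: UID 0 process with bits 16 and 17 removed from both sets. */
const char SAMPLE_RESTRICTED[] =
    "Uid:\t0\t0\t0\t0\nCapEff:\t000001fffffcffff\nCapBnd:\t000001fffffcffff\n";
/* Constructed sample: unrestricted UID 0 process. */
const char SAMPLE_FULL[] =
    "Uid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\nCapBnd:\t000001ffffffffff\n";

/* Find "field" at the start of a line in /proc/<pid>/status text and parse
   its hex mask. Returns 0 on success, -1 if the field is absent or no
   number follows it. */
static int cap_mask(const char *status, const char *field, unsigned long long *out)
{
    size_t flen = strlen(field);
    for (const char *line = status; line && *line; ) {
        if (strncmp(line, field, flen) == 0) {
            char *end;
            *out = strtoull(line + flen, &end, 16);
            return end == line + flen ? -1 : 0;
        }
        line = strchr(line, '\n');
        if (line) line++;
    }
    return -1;
}

/* 1 if the named set holds CAP_SYS_RAWIO, 0 if not, -1 on parse error.
   "CapEff:" = usable now; "CapBnd:" = ceiling for what execve() can grant. */
static int has_rawio(const char *status, const char *set)
{
    unsigned long long mask;
    if (cap_mask(status, set, &mask) != 0) return -1;
    return (int)((mask >> CAP_BIT_SYS_RAWIO) & 1ULL);
}

int main(void)
{
    static char buf[8192];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) { perror("/proc/self/status"); return 1; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    printf("raw I/O usable now: %d, regainable via exec: %d\n",
           has_rawio(buf, "CapEff:"), has_rawio(buf, "CapBnd:"));
    return 0;
}
```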