Re: AFS - The Ultimate Sulution?

[Valdis.Kletnieks () vt edu]

On Wed, 20 Sep 2006 13:33:48 EDT, Brian Eaton said:

> For some reason I think one or more of the *BSD variants has support
> for restricting the actions that root can take, which presumably
> includes preventing root from modifying the BIOS.  I can't recall the
> name of the feature, though, and I doubt you could teach Windows 2000
> a similar trick.

It's called "Secure levels", and it's a help but has been proven to be not as
bulletproof as you might wish - there's a few corner case breaks that have been
found in it (for instance, it prevents attempts to turn the system clock
backwards, but there isn't much it can do against kicking the clock forward to
a few seconds before it's 2038 rollover, let it wrap, then warp the clock
forwards again from 1970 to 10 minutes ago).  In particular, it's useful
against stopping some attacks that would otherwise be allowed to a program that
had already gotten root - but it doesn't help much if you have an exploit to
subvert the kernel.

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/