Subject: Re: Why not track our xsrc with X11R6.6 from X.org?
To: Thor Lancelot Simon <email@example.com>
From: Andrey Petrov <firstname.lastname@example.org>
Date: 07/20/2001 12:05:04
My apologies, I was plain wrong here and insisted on it.
On Fri, Jul 20, 2001 at 02:29:20PM -0400, Thor Lancelot Simon wrote:
> On Fri, Jul 20, 2001 at 11:18:55AM -0700, Andrey Petrov wrote:
> > On Fri, Jul 20, 2001 at 10:32:50AM -0400, Thor Lancelot Simon wrote:
> > > On Fri, Jul 20, 2001 at 12:45:33AM -0700, Andrey Petrov wrote:
> > > >
> > > > I think I meant to say there are no certain memory protection that
> > > > reasonable Unices put even on root. At least today.
> > >
> > > Well, that's just wrong.
> > >
> > Every time someone debugs he accesses other process' memory. If you are root
> > you can debug any process in a system. /dev/mem gives you access to the kernel
> > memory. Is that wrong?
> Did you actually trouble yourself to read the section of the init manual
> page to which you've been repeatedly referred? At securelevel > 0, the
> kernel enforces a set of restrictions specifically designed to prevent any
> user process, even one running as root, from gaining access to the kernel's
> memory; as well as preventing writing raw disks, changing file flags,
> remounting filesystems, etc. In other words, you're just plain wrong; the
> kernel specifically prevents access to /dev/mem in order to prevent a rogue
> process with root priveleges from making any persistent changes to the
> The issue of access to the memory space of other user processes is largely
> separate from this; you cannot conduct a privilege-elevation attack by using
> root privilege to access another process' memory, because that process
> cannot, by definition, have more privilege than you already do. The sole
> exception is init, WHICH IS WHY WE DO NOT ALLOW PTRACE OF INIT.
> Thor Lancelot Simon email@example.com
> And now he couldn't remember when this passion had flown, leaving him so
> foolish and bewildered and astray: can any man?
> William Styron