pkgsrc-Changes-HG archive
[pkgsrc/trunk]: pkgsrc/sysutils/aperture Don't give people a false sense of s...
details: https://anonhg.NetBSD.org/pkgsrc/rev/9f99124a4c5f
branches: trunk
changeset: 509281:9f99124a4c5f
user: christos <christos%pkgsrc.org@localhost>
date: Tue Mar 07 23:14:39 2006 +0000
description:
Don't give people a false sense of security.
diffstat:
sysutils/aperture/MESSAGE | 21 +++++++++++++++++++--
1 files changed, 19 insertions(+), 2 deletions(-)
diffs (34 lines):
diff -r 81d6c54279ad -r 9f99124a4c5f sysutils/aperture/MESSAGE
--- a/sysutils/aperture/MESSAGE Tue Mar 07 23:10:01 2006 +0000
+++ b/sysutils/aperture/MESSAGE Tue Mar 07 23:14:39 2006 +0000
@@ -1,5 +1,5 @@
===========================================================================
-$NetBSD: MESSAGE,v 1.1 2002/01/27 19:31:59 jlam Exp $
+$NetBSD: MESSAGE,v 1.2 2006/03/07 23:14:39 christos Exp $
Add the following line to /etc/lkm.conf:
@@ -9,5 +9,22 @@
lkm=YES
-in /etc/rc.conf. Then, reboot your system.
+in /etc/rc.conf. Then, /etc/rc.d/lkm3 restart
+
+**************************
+**** SECURITY WARNING ****
+**************************
+
+Please note that use of this driver only raises the bar somewhat
+on breaking the securelevel abstraction. Loading this driver provides
+the opening process with access to various things that can write
+anywhere in memory (such as DMA engines, frame-buffer paint engines,
+SMM). While one has to write a little more code to aim these memory
+writers at the securelevel variable in kernel memory, it is not really
+difficult to do so. Finally the fact that only one process can have
+/dev/xf86 open at a time does not win much since root can kill it
+at anytime and start another process. This exploit has to do with
+root being able to change the security level and do things it could
+not do before.
+
===========================================================================
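Review bot: The closing sentence of the added warning, "This exploit has to do with root being able to change the security level", refers to an exploit the text never names, so the reader has to infer that it means root aiming the driver's memory writers at the securelevel variable. State that directly, for example "A root process that opens /dev/xf86 can therefore change the securelevel and do things it could not do before." The warning also does not tell the administrator what to conclude; a final line saying that securelevel should not be relied on as a barrier against root while this driver is loaded would make the message actionable. Minor wording: the new instruction "Then, /etc/rc.d/lkm3 restart" lacks a verb ("Then run /etc/rc.d/lkm3 restart"), and "at anytime" should be "at any time".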