[conspire] USB security vulnerability.

Don Marti dmarti at zgp.org
Mon Jul 25 12:51:19 PDT 2005

begin Rick Moen quotation of Mon, Jul 25, 2005 at 12:04:35PM -0700:

> Article points out that device drivers run in kernelspace, and therefore
> any buffer overflows in badly written device drivers may be exploitable
> with system privilege.  But we knew that.  That's why fixing significant
> kernel bugs is important.

And that's why people who want Linux to support
proprietary drivers are smoking crack, sensible Linux
users won't let a hardware vendor dump a unreviewed
driver into kernel space, and you should usually use
usbfs and libusb to handle your new USB device anyway.


Don Marti
dmarti at zgp.org

More information about the conspire mailing list