[conspire] USB security vulnerability.
Don Marti
dmarti at zgp.org
Mon Jul 25 12:51:19 PDT 2005
begin Rick Moen quotation of Mon, Jul 25, 2005 at 12:04:35PM -0700:
> Article points out that device drivers run in kernelspace, and therefore
> any buffer overflows in badly written device drivers may be exploitable
> with system privilege. But we knew that. That's why fixing significant
> kernel bugs is important.
And that's why people who want Linux to support
proprietary drivers are smoking crack, sensible Linux
users won't let a hardware vendor dump a unreviewed
driver into kernel space, and you should usually use
usbfs and libusb to handle your new USB device anyway.
http://www.linuxjournal.com/article/7466
--
Don Marti
http://zgp.org/~dmarti/
dmarti at zgp.org
More information about the conspire
mailing list