[Cryptography] Is "drivers for foo" a major malware vector?
Bill Frantz
frantz at pwpconsult.com
Tue Apr 19 19:03:02 EDT 2016
On 4/18/16 at 4:26 PM, huitema at huitema.net (Christian Huitema) wrote:
>That's the whole point of building a "golden path" for getting
>drivers through Windows Updates. So that users won't have to
>web through the dark corners of the Internet to get crazy
>drivers. Positive message: "do this and you will be OK." That
>tends to work better than negative warnings.
>Also, requiring signature of driver files, which provides some
>traces. But then, we can get into the whole PKI argument again...
The best security I have seen for device drivers on a widely
distributed system was in IBM's VM/370. VM/370 made a virtual
370 for each user -- somewhat like modern virtual machine
systems do for the i86. The 370 did its I/O through a "channel"
which attached several devices and would run a "channel program"
on each of these devices. The VM/370 monitor took a channel
program from the virtual machine and translated it to run on the
real channel. This translation made sure the channel program
could not address other I/O devices on the channel or memory
which was not part of the virtual machine [1].
CapROS <http://www.capros.org/> is a capability operating system
which runs its device drivers as normal application programs.
It supports easy porting of device drivers from Linux.
The best kind of security for device drivers is to limit their
authority. They need the authority to communicate with their
device, the ability to read and write certain portions of
memory, and perhaps the ability to append entries to a system
log. They don't need much else and shouldn't have much else. The
idea of running them at maximum privilege is just crazy.
Cheers - Bill
[1] There was one major security bug in this translation
involving relaxing a restriction to support an IBM-written
channel program. That bug was fixed with a patch.
-------------------------------------------------------------------------
Bill Frantz        | Airline peanut bag: "Produced  | Periwinkle
(408)356-8506      | in a facility that processes   | 16345 Englewood Ave
www.pwpconsult.com | peanuts and other nuts." - Duh | Los Gatos, CA 95032
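
The translation step described in the message above, sketched as an added example; it is not part of the original post and is not VM/370 code. The struct layouts, names, error codes and sample values are assumptions chosen for illustration, and the command word is a simplified model rather than the real System/370 format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified command word for illustration; not the real System/370 layout. */
typedef struct { uint8_t cmd; uint32_t addr; uint16_t count; int chain; } ccw_t;

typedef struct { uint16_t vdev, rdev; } devmap_t;   /* virtual -> real device */
typedef struct {
    uint32_t mem_base, mem_size;   /* guest memory as a real-address window */
    const devmap_t *devs; size_t ndevs;
} guest_t;

enum { XL_BAD_DEVICE = -1, XL_BAD_RANGE = -2, XL_UNTERMINATED = -3 };

/* Validate and relocate a guest program into the monitor's private copy `out`
 * (room for n words). Returns words translated, or a negative XL_* code. */
int translate(const guest_t *g, uint16_t vdev, const ccw_t *in, size_t n,
              ccw_t *out, uint16_t *rdev)
{
    size_t d = 0;
    while (d < g->ndevs && g->devs[d].vdev != vdev) d++;
    if (d == g->ndevs) return XL_BAD_DEVICE;        /* device not granted */

    for (size_t i = 0; i < n; i++) {
        uint32_t a = in[i].addr, c = in[i].count;
        /* Overflow-safe form of a + c <= mem_size. */
        if (a > g->mem_size || c > g->mem_size - a) return XL_BAD_RANGE;
        out[i] = in[i];                             /* cmd passes through */
        out[i].addr = g->mem_base + a;              /* guest -> real address */
        if (!in[i].chain) {                         /* last word of program */
            *rdev = g->devs[d].rdev;
            return (int)(i + 1);
        }
    }
    return XL_UNTERMINATED;   /* would chain past what the guest supplied */
}

int main(void)
{
    /* Constructed sample guest: 64 KiB of memory, one granted device. */
    const devmap_t devs[] = { { 0x190, 0x3A0 } };
    const guest_t g = { 0x100000, 0x10000, devs, 1 };
    const ccw_t prog[] = { { 0x02, 0x1000, 4096, 1 }, { 0x02, 0xFFF0, 0x20, 0 } };
    ccw_t real[2]; uint16_t rdev = 0;
    printf("result = %d\n", translate(&g, 0x190, prog, 2, real, &rdev));
    return 0;
}
```

The real channel only ever sees the monitor's translated copy, so the guest cannot alter the program after it has been checked.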