jussi.laako at linux.intel.com
Thu Apr 10 14:49:50 GMT 2014
On 10.4.2014 15:20, Carsten Haitzler (The Rasterman) wrote:
> and what do you do when kernel is malicious (compromised) ? :) or hypervisor?
> again - you have to trust at some point. my point here is the display server is
> an element of a trusted system. and to the original topic - if a user can do
> it, it has access too.
Idea is to split things such way, that compromising component A or B
doesn't expose A*B=C. You would need to compromise A and B
simultaneously. And restrict the number, interface and size of the
components where exploit would grant access to protected data.
Have you seen many malicious exploits out there for IBM's LPAR / z/VM?
Btw, why the heck display server has any access to input methods anyway?
It's _DISPLAY_ server and not keyboard or mouse server...
More information about the Dev