From: Günther Schwarz
Newsgroups: comp.os.linux.security
Subject: Re: Write protection on SD cards
Date: 17 Dec 2011 16:32:22 GMT
Message-ID: <9l3ugmFc2sU1@mid.individual.net>

mcanswer wrote:

> Günther Schwarz writes:
>
>> Tobias Blass wrote:
>>
>>> On 2011-11-01, Günther Schwarz wrote:
>>> the attacker could (root access provided) e.g. load a kernel
>>> module or install another kernel that does not check the write
>>> protection switch.
>>
>> You understood that correctly. The device is supposed to survive in a
>> clean state in case the system gets compromised and thus allow for a
>> fresh installation without having to insert a CD or doing a PXE boot.
>> It should be better in this respect than an extra partition on the main
>> hard disk. But still the security needs are moderate.
>
> You can always use some mandatory access control preventing an attacker
> from accessing this device and/or from loading kernel modules. The first
> one could be done by SELinux or RBAC, the second one by, for ex., GrSecurity.

These are all very useful in protecting a running system. But then my
question was if an SD might be considered as reasonably safe in a scenario
where an uncontrolled system and kernel are running. Just think of a bug or
a misconfiguration in the BIOS setup which allows for booting from a CD or
USB device instead of from the hard disk.

Günther