|
Beware the Nvidia blob
NVIDIA Linux Driver Hack Gives You Root Access
http://www.phoronix.com/scan.php?pag...tem&px=MTE1MTk Although I have used the nvidia blob driver in the past, I only used it because I needed some 3D capabilities. The recent nouveau drivers provide good 3D support for most cards, so I use that now. The stability of the nouveau drivers has greatly improved with more recent releases as has the usability of the drivers. I notice that they now have power levels for my netbook and the fan does NOT run at 100% anymore. Rarely there is some graphics corruption and crashing with some 3D apps, but it is rare. I am never going back to the blob, because it is not stable, not secure, not FLOSS, and not much better than nouveau for what I use. I am posting this in the Slackware forum because perhaps people here care more about security and stability than in other forums. I have also seen many threads here about how to get the nvidia drivers working. The mods can move it if they see fit. |
The nouveau driver didn't work on this desktop with the integrated graphics (nVidia 6150se/nForce 430), so I had to use the proprietary driver. I fitted a GTS 450 a while ago, but haven't taken the risk(?) of trying it with the nouveau.
P.S. I'm a bit dubious about compiling & running that exploit (downloads as a .bin, but is actually a .c source file): Code:
bash-4.1$ cd temp |
I still use the nvidia driver. Nouveau is not for me and what I want. Security problems with software are not limited to Nvidia, so we always have to be on guard.
|
the file is C-based file, so you have to compile it first
|
Yeah, I know. But is it safe to run after compiling? I've glanced through the file, but don't really know enough about C.
Edit Oh, what-the-hell, I'll take a chance! :eek: :) |
Be adventurous brianL! Then report back and let us know... :)
|
Whoooaaaaaaaaaa!!! This is what happened:
Code:
brian@slackdesk:~/temp$ gcc exploit.c -o exploit |
This is what I got:
Code:
exploit.c:607:20: warning: always_inline function might not be inlinable [-Wattributes] |
I got that when I compiled it, when I ran it I saw "killed" after the point it said the exploit was being run, then messages similar to BrianL. The people on Slashdot who ran it seemed to see similar, I think only one of them had success.
Now I feel like I should wipe my system and reinstall though since I can't follow the ASM in the source file. |
If the exploit succeeds, it should say:
Code:
printf("[*] Have root, will travel..\n");http://lwn.net/Articles/509131/ |
Hmm, after reading that link I think we're not safe. If the code's running in kernel space, but crashing, that means kernel space can be accessed through the exploit from userspace. Or am I misreading the comments on the linked page?
|
I should have also said that I am running a custom kernel. Maybe that's why it won't do anything.
|
Mmm, rereading these two quotes, it sounds as if we're OK as far as this exploit goes:
Quote:
Quote:
|
I'm going by this:
Quote:
|
Mmmm.
Should we: PANIC!!! or: DON'T PANIC!!! :scratch: |
| All times are GMT -5. The time now is 10:12 AM. |