I'm not sure what your point is.
By the same reasoning you could say: See, root will never be locked down, because you can run without lockdown.
That's obviously true.
The important part is:
It must be made **possible** to configure the system in such a way that root does not automatically have kernel privileges.
We are actually not that far away from that goal. The module loading problem can be solved with signing or by disabling module loading or maybe some other methods today.
What cannot easily be solved by an administrator today is that some filesystems are still not safe against malicious images. There are multiple possible ways to get to a solution for this, like mandatory FUSE implementations or implementations in safe languages. But it requires people to acknowledge the problem first, and I'm not so sure whether that is done today.
Activities for making Linux safe against malicious root or even malicious hardware (to some degree) are ongoing and I very much welcome that. I currently see that AI tools help with that. Patches are currently being merged to fix security vulnerabilities in old drivers that nobody would spend much of their human time on. Which is a good thing in general. Maybe we can see something like this for filesystems, too?
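The comment above names the controls an administrator can already use to keep root from loading arbitrary code into the kernel: kernel lockdown, module signature enforcement, and switching module loading off entirely. The following audit script is an added example, not code from the comment author or from any kernel project. It reads three real kernel interfaces (`/sys/kernel/security/lockdown`, `/proc/sys/kernel/modules_disabled`, `/sys/module/module/parameters/sig_enforce`) and evaluates a snapshot of their values; the `assess()` logic and the constructed sample snapshots at the bottom are assumptions made for illustration, and the interpretation that an active lockdown mode covers unsigned module loading follows the documented behaviour of the lockdown LSM's integrity mode.

```python
"""Audit whether root on this Linux host can still load unsigned code into the
kernel, using the controls discussed above (lockdown, module signing, and
disabling module loading).  Added example; not the comment author's code."""
import os

# Real kernel interfaces on mainline Linux (any may be absent on a given build).
LOCKDOWN = "/sys/kernel/security/lockdown"          # e.g. "none [integrity] confidentiality"
MODULES_DISABLED = "/proc/sys/kernel/modules_disabled"  # "0" or "1"; one-way switch per boot
SIG_ENFORCE = "/sys/module/module/parameters/sig_enforce"  # "Y" or "N"


def parse_lockdown(text):
    """The lockdown file lists all modes and brackets the active one.
    Returns the bracketed mode, or 'none' when nothing is bracketed or the
    file is empty/missing."""
    for word in (text or "").split():
        if word.startswith("[") and word.endswith("]"):
            return word[1:-1]
    return "none"


def read_setting(path):
    """Return the stripped file contents, or None if the interface does not
    exist (securityfs not mounted, lockdown LSM not built, etc.)."""
    try:
        with open(path) as f:
            return f.read().strip()
    except OSError:
        return None


def collect():
    """Snapshot the live host.  Shape matches the constructed samples below."""
    return {
        "lockdown": read_setting(LOCKDOWN),
        "modules_disabled": read_setting(MODULES_DISABLED),
        "sig_enforce": read_setting(SIG_ENFORCE),
    }


def assess(snapshot):
    """Evaluate a snapshot dict.  Returns (root_isolated, unsigned_modules, findings):
    root_isolated     - True when a lockdown mode is active, i.e. root is denied
                        the documented kernel-modification paths;
    unsigned_modules  - True when root can still load an unsigned module
                        (no lockdown, no signature enforcement, loading enabled);
    findings          - human-readable explanation of each check."""
    mode = parse_lockdown(snapshot.get("lockdown"))
    modules_disabled = (snapshot.get("modules_disabled") or "0") == "1"
    sig_enforce = (snapshot.get("sig_enforce") or "N").upper().startswith("Y")
    findings = []

    if mode != "none":
        findings.append(f"lockdown mode '{mode}' is active")
    else:
        findings.append("lockdown is not active (mode 'none' or LSM absent)")

    if modules_disabled:
        findings.append("module loading is disabled for this boot (kernel.modules_disabled=1)")
    elif sig_enforce:
        findings.append("only signed modules can be loaded (module.sig_enforce=Y)")
    elif mode != "none":
        findings.append("unsigned modules are rejected by lockdown")
    else:
        findings.append("root can load unsigned modules: arbitrary kernel code")

    unsigned_modules = not (modules_disabled or sig_enforce or mode != "none")
    root_isolated = mode != "none"
    return root_isolated, unsigned_modules, findings


# Constructed sample snapshots (not taken from any real host).
SAMPLE_OPEN = {"lockdown": "[none] integrity confidentiality",
               "modules_disabled": "0", "sig_enforce": "N"}
SAMPLE_LOCKED = {"lockdown": "none [integrity] confidentiality",
                 "modules_disabled": "0", "sig_enforce": "N"}
SAMPLE_NO_LSM = {"lockdown": None, "modules_disabled": "1", "sig_enforce": "N"}

if __name__ == "__main__":
    # With no arguments, audit the host we are running on.
    snap = collect() if os.path.exists("/proc/sys") else SAMPLE_OPEN
    isolated, unsigned, notes = assess(snap)
    print("root isolated from kernel:", isolated)
    print("unsigned module load possible:", unsigned)
    for n in notes:
        print(" -", n)
```

Run it as root or not; the files are world-readable where they exist. Note that `modules_disabled` and `sig_enforce` only cover the module path, which is why the script reports `root_isolated` solely from the lockdown mode: with lockdown off, other documented paths (kexec of unsigned images, raw memory devices, and so on) may remain open depending on the kernel configuration.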