View Single Post
  #5   (View Single Post)  
Old 4th September 2010
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223

The vulnerability is possible because of a Linux kernel bug, they used a separate vulnerability in X to exploit the kernel vulnerability.

When you run Linux software on OpenBSD there is no Linux kernel involved, OpenBSD simply emulates the system calls and approximates their behaviour.

For example, if hypothetically you managed to run an X server compiled for Linux under an OpenBSD kernel (..which is NOT possible), the available exploit would only crash the X server and that is all.

It is possible that a program other than X could trigger this kernel vulnerability, X was just a demonstration.. as until KMS (..kernel mode setting) is widely implemented X has to run a lot of code in userland as root.

If you're going to run Linux software on OpenBSD, don't run it as root anyway, that's just asking for trouble.
Reply With Quote