[195] in Best-of-Security


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

BoS: Sun hardware reset through framebuffer access

daemon@ATHENA.MIT.EDU (danisch@ira.uka.de)
Wed May 28 14:26:00 1997

From: danisch@ira.uka.de
Date: Wed, 28 May 1997 16:19:49 +0200 (MET DST)
Errors-To: best-of-security-request@suburbia.net
To: best-of-security@suburbia.net
Resent-From: best-of-security@suburbia.net

It is also possible to crash a Sun under SunOS 5.x by
access to the framebuffer character device (/dev/fbs/*). Access is
usually granted by /etc/logindevperm and needed if the Xserver is used
without setuid/gid permissions.

I found this unintentionally due to a bug in my software: I had opened
the framebuffer device and mmaped it in order to write directly into
the framebuffer memory, but accidently had taken a wrong
offset. Writing to a wrong address can cause the machine to crash
immediately, I assume that some hardware registers can be reached.

Hadmut


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[195] in Best-of-Security

BoS: Sun hardware reset through framebuffer access

daemon@ATHENA.MIT.EDU (danisch@ira.uka.de)Wed May 28 14:26:00 1997

daemon@ATHENA.MIT.EDU (danisch@ira.uka.de)
Wed May 28 14:26:00 1997