DMA for firewire opens security hole
As Adam Boileau and others pointed out, Firewire has direct memory access without any participation of the OS.
Using some nice tools he provides on his website http://
There's a very easy solution to this: ohci1394 should be loaded with option "phys_dam=0" by default - maybe this slowdowns Firewire access a little, but the computer can't be forged anymore!
At least Gutsy doesn't do this as far as I can tell (my laptop didn't have the option set, according to modconf - now it has...)
|Changed in linux:|
|assignee:||nobody → ubuntu-kernel-team|
|importance:||Undecided → Medium|
|status:||New → Triaged|