Switch System Flaws: Difference between revisions
rip |
|||
| Line 158: | Line 158: | ||
| Summer 2017 (after smhax was discovered). | | Summer 2017 (after smhax was discovered). | ||
| December 23, 2017 | | December 23, 2017 | ||
| Everyone | |||
|- | |||
| Single session services not really single session | |||
| Several "critical" services (like fsp-ldr, fsp-pr, sm:m, etc) are meant to only ever hold a single session with a specific sysmodule. However, when a sysmodule dies, all its service session handles are released -- and thus killing the holder of a single session handle would allow one (via sm:hax etc) to get access to that service. | |||
This was fixed in [[4.0.0]] by adding a semaphore to these critical single-session services, so that even if one gets access to them an error code will be returned when attempting to use any of their commands. | |||
| With some way to access these services and kill their session holders: dumping sysmodule code, arbitrary service access, elevated filesystem permissions, etc. | |||
| [[4.0.0]] | |||
| [[4.0.0]] | |||
| May/June 2017 (basically immediately after smhax was discovered) | |||
| December 30, 2017 | |||
| Everyone | | Everyone | ||
|} | |} | ||