Re: Once again, it's a local access issue
"If the miscreant has local access, it's already game over."
Well, unless both bootloader and firmware (including access to Intel's so-called "Management Engine" interface) have been properly locked down and the case has been secured with a padlock, of course.
There's not normally a need for that in the server room (but then, servers should - except in a few and far inbetween special cases - not run a GUI in the first place). However, if the Ubuntu box in question happens to be serving users in a public IT lab - a scenario quite common on university campuses - this bug is indeed an issue.
Biting the hand that feeds IT
