Re: One for the Security Guru's

From: Henning P. Schmiedehausen (hps@intermeta.de)
Date: Thu Oct 24 2002 - 06:09:41 EST

Next message: Andrea Arcangeli: "Re: writepage return value check in vmscan.c"
Previous message: Henning Schmiedehausen: "Re: feature request - why not make netif_rx() a pointer?"
In reply to: Ville Herva: "Re: One for the Security Guru's"
Next in thread: Alan Cox: "Re: One for the Security Guru's"
Reply: Alan Cox: "Re: One for the Security Guru's"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ville Herva <vherva@niksula.hut.fi> writes:

>the /dev/kmem hole, but this closes 2 classes of attacks - loading rootkit
>module and booting with a hacked kernel in straight-forward way.

Question: What do I lose when you remove /dev/kmem?
Related question: Would it be useful to make /dev/kmem read-only?

Regards
Henning

-- Dipl.-Inf. (Univ.) Henning P. Schmiedehausen -- Geschaeftsfuehrer INTERMETA - Gesellschaft fuer Mehrwertdienste mbH hps@intermeta.de

Am Schwabachgrund 22 Fon.: 09131 / 50654-0 info@intermeta.de D-91054 Buckenhof Fax.: 09131 / 50654-20 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrea Arcangeli: "Re: writepage return value check in vmscan.c"
Previous message: Henning Schmiedehausen: "Re: feature request - why not make netif_rx() a pointer?"
In reply to: Ville Herva: "Re: One for the Security Guru's"
Next in thread: Alan Cox: "Re: One for the Security Guru's"
Reply: Alan Cox: "Re: One for the Security Guru's"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Oct 31 2002 - 22:00:23 EST