If you can put a trojan horse in rmmod, you could already
get root before, because:
1. rmmod is always executed as root (this involves
waiting for someone to do an rmmod), and
2. rmmod is a hard link to insmod, which is called
by modprobe, which is exec'ed by every version of
kmod whenever a module is requested.
Adam J. Richter __ ______________ 4880 Stevens Creek Blvd, Suite 205
adam@yggdrasil.com \ / San Jose, California 95129-1034
+1 408 261-6630 | g g d r a s i l United States of America
fax +1 408 261-6631 "Free Software For The Rest Of Us."
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu