Re: Insecurity in linux boot

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Alexander V. Voinov: "feedback for 2.2pre5"
• Previous message: Jacob Hawley: "Re: question about sblive and linux"
• In reply to: Rik van Riel: "Re: Qmail for Vger campaign :)"
• Next in thread: Gregory Maxwell: "Re: Insecurity in linux boot"

> At the end of boot, Linux kernel tries to fork init.
> If it fails, /bin/sh is forked.
> It means that If someone can alter init (with a tmp race for
> example), then reboot, it will have all access to the system.

Stop here. If somebody can alter init what prevents him from
plain and simple exec on /bin/sh? Not from the kernel, right from init.
If /sbin/init is compromised, *all* stakes are off. init has to be
called first _and_ with complete privileges. If you can alter its code
you can do anything that can be in principle done from user mode.
Considering insmod... Well, anything that can be done from kernel mode
is also available, just roll a code and submit it to kernel.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Alexander V. Voinov: "feedback for 2.2pre5"
• Previous message: Jacob Hawley: "Re: question about sblive and linux"
• In reply to: Rik van Riel: "Re: Qmail for Vger campaign :)"
• Next in thread: Gregory Maxwell: "Re: Insecurity in linux boot"