Re: current->uid

Horst von Brand (vonbrand@sleipnir.valparaiso.cl)
Sun, 11 Apr 1999 22:02:45 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Sergei Ivanov: "Re: a modem problem introduced in 2.2.4"
Previous message: Horst von Brand: "Re: capabilities in elf headers, (my) final (and shortest) iteration"
Maybe in reply to: Dan Hollis: "current->uid"
Next in thread: Sean Hunter: "Re: current->uid"

<kernel@vdr.qc.ca> said:

[...]

> OK, but there won't be such system call. The goal of this is to set an
> array of 500 possible users that could be root (including 0). This would
> mean that an exploit would have to try many uids before getting somewhere,
> and if root is paranoid, he can change his ID 5 times a day. Then the
> exploits would only work for a fairly short time.

Exploits usually work by taking over an pivileged process, so this won't
help a bit. Or they work by cracking root's password in some way, and
loging in normally. Your scheme won't protect against any of those.

-- Horst von Brand vonbrand@sleipnir.valparaiso.cl Casilla 9G, Viña del Mar, Chile +56 32 672616

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Sergei Ivanov: "Re: a modem problem introduced in 2.2.4"
Previous message: Horst von Brand: "Re: capabilities in elf headers, (my) final (and shortest) iteration"
Maybe in reply to: Dan Hollis: "current->uid"
Next in thread: Sean Hunter: "Re: current->uid"