Re: [linux-security] Malicious Linux modules (fwd)

Harald Koenig (koenig@tat.physik.uni-tuebingen.de)
Mon, 13 Oct 1997 10:55:42 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Harald Koenig: "Re: [linux-security] Malicious Linux modules (fwd)"
Previous message: Dan Hollis: "[ 2.0.31-PRE10 VM BUG ]"
In reply to: teunis: "Re: FIC PA-2007 (Offtopic)"

On Oct 10, Peter Benie wrote:

> Booting from a known good image is fairly easy. You put the kernel on
> a read-only medium and boot from that. Floppy disk is an ideal
> candidate. (The read-only mechanism for floppies is implemented in
> hardware so it's fairly safe.) It would be necessary to stop root from
> getting access to the cmos ram and altering the boot order.

but once you are root it's easy to change the boot order (change CMOS),
so you physically need to check from which device you're booting
(watch the blinking lights...)

Harald

--
All SCSI disks will from now on                     ___       _____
be required to send an email notice                0--,|    /OOOOOOO\
24 hours prior to complete hardware failure!      <_/  /  /OOOOOOOOOOO\
                                                    \  \/OOOOOOOOOOOOOOO\
                                                      \ OOOOOOOOOOOOOOOOO|//
Harald Koenig,                                         \/\/\/\/\/\/\/\/\/
Inst.f.Theoret.Astrophysik                              //  /     \\  \
koenig@tat.physik.uni-tuebingen.de                     ^^^^^       ^^^^^

Next message: Harald Koenig: "Re: [linux-security] Malicious Linux modules (fwd)"
Previous message: Dan Hollis: "[ 2.0.31-PRE10 VM BUG ]"
In reply to: teunis: "Re: FIC PA-2007 (Offtopic)"