From: Andreas Ferber <aferber@techfak.uni-bielefeld.de>
To: Bruce Harada <bruce@ask.ne.jp>
Cc: Frank van de Pol <fvdpol@home.nl>, linux-kernel@vger.kernel.org
Subject: Re: Hardwired drivers are going away?
Date: Mon, 21 Jan 2002 04:49:52 +0100 [thread overview]
Message-ID: <20020121044952.A21348@devcon.net> (raw)
In-Reply-To: <Pine.LNX.4.44.0201181632000.18867-100000@filesrv1.baby-dragons.com> <14160.1011396163@ocs3.intra.ocs.com.au> <20020121002041.B1958@idefix.fvdpol.home.nl> <20020121095458.2bd9c7ed.bruce@ask.ne.jp>
In-Reply-To: <20020121095458.2bd9c7ed.bruce@ask.ne.jp>; from bruce@ask.ne.jp on Mon, Jan 21, 2002 at 09:54:58AM +0900
On Mon, Jan 21, 2002 at 09:54:58AM +0900, Bruce Harada wrote:
>
> ...and how would you guarantee that this setting remains set, in the face of
> some nasty little cracker screwing around with /dev/kmem?
If the attacker gained the ability to play with /dev/kmem, he can
already load modules into the kernel, regardless if the kernel is
actually compiled with module support or not. You can find various
papers describing how to do it via google, and AFAIK some rootkits are
already using those techniques, so it's even "scriptkiddy-ready".
Face it, there is absolutely /no/ security gain in disabling module
support.
Andreas
--
Andreas Ferber - dev/consulting GmbH - Bielefeld, FRG
---------------------------------------------------------
+49 521 1365800 - af@devcon.net - www.devcon.net
next prev parent reply other threads:[~2002-01-21 3:50 UTC|newest]
Thread overview: 97+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <fa.dardpev.1m1emjp@ifi.uio.no>
2002-01-14 10:14 ` ISA hardware discovery -- the elegant solution Giacomo Catenazzi
2002-01-14 16:16 ` Eric S. Raymond
2002-01-14 16:38 ` Giacomo Catenazzi
2002-01-14 16:34 ` Eric S. Raymond
2002-01-14 17:48 ` Alan Cox
2002-01-14 17:55 ` Mr. James W. Laferriere
2002-01-14 18:08 ` Alan Cox
2002-01-14 18:10 ` Hardwired drivers are going away? Eric S. Raymond
2002-01-14 18:50 ` David Lang
2002-01-14 19:04 ` Alan Cox
2002-01-14 18:57 ` David Lang
2002-01-14 19:03 ` Andrew Pimlott
2002-01-14 19:21 ` Alan Cox
2002-01-15 10:45 ` Horst von Brand
2002-01-15 11:13 ` crispin
2002-01-15 14:25 ` David Lang
2002-01-14 19:00 ` Mr. James W. Laferriere
2002-01-14 19:17 ` Alan Cox
2002-01-14 19:14 ` Mr. James W. Laferriere
2002-01-14 19:37 ` Alan Cox
2002-01-14 20:28 ` Mr. James W. Laferriere
2002-01-14 19:44 ` David Lang
2002-01-14 20:09 ` Alexander Viro
2002-01-14 20:49 ` Chris Friesen
2002-01-14 20:55 ` Alexander Viro
2002-01-14 20:51 ` Ian Molton
2002-01-14 22:11 ` David Lang
2002-01-14 23:12 ` Brian Gerst
2002-01-14 23:17 ` David Lang
2002-01-14 23:22 ` Ian Molton
2002-01-15 0:40 ` H. Peter Anvin
2002-01-14 19:54 ` David Lang
2002-01-15 17:27 ` Aaron Lehmann
2002-01-15 17:47 ` Alexander Viro
2002-01-15 19:48 ` Alan Cox
2002-01-18 12:39 ` Florian Weimer
2002-01-18 22:20 ` Mr. James W. Laferriere
2002-01-18 23:22 ` Keith Owens
2002-01-20 23:20 ` Frank van de Pol
2002-01-21 0:54 ` Bruce Harada
2002-01-21 3:49 ` Andreas Ferber [this message]
2002-01-21 4:45 ` Bruce Harada
2002-01-21 5:12 ` Andreas Ferber
2002-01-21 1:06 ` Anton Altaparmakov
2002-01-21 1:07 ` Mr. James W. Laferriere
2002-01-21 1:30 ` Andrew Morton
2002-01-21 1:53 ` Keith Owens
2002-01-21 2:04 ` Andrew Morton
2002-01-21 2:25 ` Keith Owens
2002-01-21 2:56 ` Andrew Morton
2002-01-21 3:43 ` Keith Owens
2002-01-21 4:24 ` Andrew Morton
2002-01-21 3:44 ` yodaiken
2002-01-21 20:57 ` Kai Henningsen
2002-01-21 2:13 ` John Levon
2002-01-21 2:31 ` Keith Owens
2002-01-21 23:52 ` Thomas Zimmerman
2002-01-21 9:34 ` Horst von Brand
2002-01-21 14:29 ` John Levon
2002-01-21 1:31 ` Anton Altaparmakov
2002-01-14 19:27 ` Alexander Viro
2002-01-15 17:24 ` Aaron Lehmann
2002-01-15 18:17 ` David Lang
2002-01-15 19:25 ` Aaron Lehmann
2002-01-15 19:44 ` Kai Henningsen
2002-01-14 18:54 ` Mr. James W. Laferriere
2002-01-14 18:56 ` Alan Cox
2002-01-14 18:39 ` Eric S. Raymond
2002-01-14 19:09 ` Alexander Viro
2002-01-14 14:19 ` Rob Landley
2002-01-14 22:33 ` Greg KH
2002-01-15 11:35 ` Keith Owens
2002-01-15 15:34 ` Oliver Xymoron
2002-01-14 19:24 ` Alan Cox
2002-01-14 20:17 ` Eric S. Raymond
2002-01-14 14:57 ` Rob Landley
2002-01-14 20:51 ` David Lang
2002-01-14 22:18 ` Oliver Xymoron
2002-01-15 19:20 ` Horst von Brand
2002-01-16 9:00 ` Eric S. Raymond
2002-01-14 23:12 ` Rusty Russell
2002-02-09 0:19 ` Dr. Kelsey Hudson
2002-01-14 17:59 ` ISA hardware discovery -- the elegant solution Eric S. Raymond
2002-01-14 18:35 ` Alan Cox
[not found] <20020115025840.11509.qmail@science.horizon.com.suse.lists.linux.kernel>
2002-01-15 12:16 ` Hardwired drivers are going away? Andi Kleen
2002-01-15 2:58 peter
2002-01-15 12:44 ` Alan Cox
2002-01-15 12:39 ` David S. Miller
2002-01-15 18:39 ` Rob Landley
[not found] <mailman.1011034621.1626.linux-kernel2news@redhat.com>
2002-01-14 23:33 ` Pete Zaitcev
[not found] <fa.g055bvv.qmq0hk@ifi.uio.no>
[not found] ` <ksahkuv.tg60gl@ifi.uio.no>
2002-01-14 22:22 ` Chris Adams
-- strict thread matches above, loose matches on Subject: below --
2001-08-05 0:39 module unresolved symbols rich+ml
2001-08-05 0:49 ` Jesse Pollard
2001-08-05 0:51 ` Steven Walter
2001-08-05 1:48 ` Keith Owens
2001-08-05 16:06 ` Horst von Brand
2001-08-06 11:18 ` Keith Owens
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020121044952.A21348@devcon.net \
--to=aferber@techfak.uni-bielefeld.de \
--cc=bruce@ask.ne.jp \
--cc=fvdpol@home.nl \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox