From: Pavel Machek <pavel@suse.cz>
To: Ingo Molnar <mingo@elte.hu>
Cc: Willy Tarreau <w@1wt.eu>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
pageexec@freemail.hu, Andi Kleen <andi@firstfloor.org>,
Arjan van de Ven <arjan@infradead.org>,
linux-kernel@vger.kernel.org, tglx@tglx.de, hpa@zytor.com
Subject: Re: [patch] Add basic sanity checks to the syscall execution patch
Date: Sun, 7 Sep 2008 14:53:31 +0200 [thread overview]
Message-ID: <20080907125331.GA1707@elf.ucw.cz> (raw)
In-Reply-To: <20080906154551.GB1774@elte.hu>
On Sat 2008-09-06 17:45:51, Ingo Molnar wrote:
>
> * Willy Tarreau <w@1wt.eu> wrote:
>
> > Then they will simply proceed like this :
> > - patch /boot/vmlinuz
> > - sync
> > - crash system
> >
> > => user says "oh crap" and presses the reset button. Patched kernel boots.
> > Game over. Patching vmlinuz for known targetted distros is even easier
> > because the attacker just has to embed binary changes for the most
> > common distro kernels.
>
> a reboot often raises attention. But yes, in terms of end user boxes,
> probably not. Anyway, my points were about transparent rootkits
> installed on a running system without anyone noticing - obviously if the
> attacker can modify the kernel image and the user does not mind a reboot
> it's game over.
Well, install a rootkit in /boot/vmlinuz, sync, then wait for user to
reboot its system?
Even well-kept servers are rebooted from time to time.
I agree -- the only way to win is not to play this game.
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
next prev parent reply other threads:[~2008-09-07 12:52 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-09-04 2:51 [patch] Add basic sanity checks to the syscall execution patch Arjan van de Ven
2008-09-04 12:01 ` Andi Kleen
2008-09-04 12:34 ` Alan Cox
2008-09-04 13:06 ` Andi Kleen
2008-09-04 12:44 ` Arjan van de Ven
2008-09-05 9:43 ` pageexec
2008-09-05 10:14 ` Benjamin Herrenschmidt
2008-09-05 10:49 ` pageexec
2008-09-05 10:57 ` Benjamin Herrenschmidt
2008-09-05 11:42 ` Ingo Molnar
2008-09-05 12:00 ` pageexec
2008-09-05 15:42 ` Ingo Molnar
2008-09-05 16:23 ` pageexec
2008-09-05 16:52 ` Ingo Molnar
2008-09-05 17:26 ` Andi Kleen
2008-09-05 19:42 ` pageexec
2008-09-05 20:48 ` Andi Kleen
2008-09-05 19:37 ` pageexec
2008-09-06 15:42 ` Ingo Molnar
2008-09-07 0:17 ` pageexec
2008-09-05 12:01 ` Andi Kleen
2008-09-05 20:41 ` Willy Tarreau
2008-09-06 15:45 ` Ingo Molnar
2008-09-06 16:34 ` Jeroen van Rijn
2008-09-07 12:53 ` Pavel Machek [this message]
2008-09-05 16:05 ` Arjan van de Ven
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080907125331.GA1707@elf.ucw.cz \
--to=pavel@suse.cz \
--cc=andi@firstfloor.org \
--cc=arjan@infradead.org \
--cc=benh@kernel.crashing.org \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=pageexec@freemail.hu \
--cc=tglx@tglx.de \
--cc=w@1wt.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox