From owner-freebsd-current Mon Jul 12 12:27:22 1999 Delivered-To: freebsd-current@freebsd.org Received: from herring.nlsystems.com (nlsys.demon.co.uk [158.152.125.33]) by hub.freebsd.org (Postfix) with ESMTP id E62A01523C for ; Mon, 12 Jul 1999 12:27:18 -0700 (PDT) (envelope-from dfr@nlsystems.com) Received: from salmon.nlsystems.com (salmon.nlsystems.com [10.0.0.3]) by herring.nlsystems.com (8.9.3/8.8.8) with ESMTP id UAA01563; Mon, 12 Jul 1999 20:27:35 +0100 (BST) (envelope-from dfr@nlsystems.com) Date: Mon, 12 Jul 1999 20:27:35 +0100 (BST) From: Doug Rabson To: mestery@visi.com Cc: Scott Michel , freebsd-current@freebsd.org Subject: Re: Just the kind of news we needed... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 12 Jul 1999 mestery@visi.com wrote: > Hi, > > On Mon, 12 Jul 1999, Scott Michel wrote: > > > If you haven't /.'d today, there's a news article purporting that > > FreeBSD can be exploited via kernel modules: > > > > > > http://thc.pimmel.com/ > > > I actually found the article a very good source of documentation on > programming loadable modules for FreeBSD. Granted, I'm not sure of it's > accuracy, but it was a worthwhile read for someone like myself who has > only coded LKMs for Linux. Very interesting. I just read through it and it is a nice tutorial on how the module system works. I can't see it as an exploit though - you have to be root first to load any code. -- Doug Rabson Mail: dfr@nlsystems.com Nonlinear Systems Ltd. Phone: +44 181 442 9037 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message