Date:      Tue, 13 Jul 1999 12:22:09 +0930 (CST)
From:      Kris Kennaway <kkennawa@physics.adelaide.edu.au>
To:        Greg Lehey <grog@lemis.com>
Cc:        crypt0genic <crypt0genic@ecad.org>, Mark Newton <newton@internode.com.au>, hackers@freebsd.org, Karl Pielorz <kpielorz@tdx.co.uk>
Subject:   Re: Compromising a FreeBSD from inside (was: (forw))
Message-ID:  <Pine.OSF.4.10.9907131220170.12183-100000@mercury.physics.adelaide.edu.au>
In-Reply-To: <19990713111341.S21403@freebie.lemis.com>

On Tue, 13 Jul 1999, Greg Lehey wrote:

> In fact, the most interesting thing about this (rather large) document
> is that it's the best documentation I've seen on klds.  I don't know
> why anybody would want to use it for compromising security, since it's
> a *lot* of work, and to even get as far as installing it you have to
> be root already, so you would have plenty of easier alternatives.

It's more for hiding yourself once you're already in; if you load a module
at boot-time which hides the fact that it was loaded, hides the module itself 
from being listed by the filesystem syscalls, and hides whatever else you
want, you could presumably stay hidden a lot easier.

Kris

-----
"Never criticize anybody until you have walked a mile in their shoes,
because by that time you will be a mile away and have their shoes."
    -- Unknown


