From owner-freebsd-current Tue Jul 13 5:51:27 1999
Delivered-To: freebsd-current@freebsd.org
Received: from trinity.radio-do.de (trinity.Radio-do.de [193.101.164.3]) by hub.freebsd.org (Postfix) with ESMTP id DA1E914FD6 for ; Tue, 13 Jul 1999 05:51:18 -0700 (PDT) (envelope-from fn@trinity.radio-do.de)
Received: (from fn@localhost) by trinity.radio-do.de (8.9.3/8.9.1) id OAA63058; Tue, 13 Jul 1999 14:49:51 +0200 (CEST) (envelope-from fn)
To: Doug Rabson
Cc: freebsd-current@FreeBSD.ORG
Subject: Re: Just the kind of news we needed...
References:
From: Frank Nobis
Date: 13 Jul 1999 14:49:50 +0200
In-Reply-To: Doug Rabson's message of "Mon, 12 Jul 1999 20:27:35 +0100 (BST)"
Message-ID:
Lines: 41
User-Agent: Gnus/5.070093 (Pterodactyl Gnus v0.93) XEmacs/21.1 (20 Minutes to Nikko)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Doug Rabson writes:

> On Mon, 12 Jul 1999 mestery@visi.com wrote:
>
> > Hi,
> >
> > On Mon, 12 Jul 1999, Scott Michel wrote:
> >
> > > If you haven't /.'d today, there's a news article purporting that
> > > FreeBSD can be exploited via kernel modules:
> > >
> > > http://thc.pimmel.com/
> > >
> > I actually found the article a very good source of documentation on
> > programming loadable modules for FreeBSD. Granted, I'm not sure of its
> > accuracy, but it was a worthwhile read for someone like myself who has
> > only coded LKMs for Linux. Very interesting.
>
> I just read through it and it is a nice tutorial on how the module system
> works. I can't see it as an exploit though - you have to be root first to
> load any code.

That is correct. First you have to be root at all, to get some modules
loaded. Afterwards you can prepare a system in a way that no one will
see, that there are no backdoors installed deep in the kernel.

A malicious system administrator can himself open every door for later
use, when the time comes when he is no more sysadm.

Imagine what one can do with that kind of backdoors.

Otherwise the techniques described in the article can be used to avoid
that kind of insult. At least make it not so easy as it is just now.

Just my 2p.

Regards,
Frank
-- 
Frank Nobis                 Email: PGP AVAILABLE
Landgrafenstr. 130          dg3dcn  http://www.radio-do.de/~fn/
44139 Dortmund              Powered by SMP FreeBSD