Date: 13 Jul 1999 14:49:50 +0200
From: Frank Nobis <fn@Radio-do.de>
To: Doug Rabson <dfr@nlsystems.com>
Cc: freebsd-current@FreeBSD.ORG
Subject: Re: Just the kind of news we needed...
Message-ID: <yge4sj8yas1.fsf@trinity.radio-do.de>
In-Reply-To: Doug Rabson's message of "Mon, 12 Jul 1999 20:27:35 +0100 (BST)"
References: <Pine.BSF.4.10.9907122026280.58023-100000@salmon.nlsystems.com>

Doug Rabson <dfr@nlsystems.com> writes:

> On Mon, 12 Jul 1999 mestery@visi.com wrote:
>
> > Hi,
> >
> > On Mon, 12 Jul 1999, Scott Michel wrote:
> >
> > > If you haven't /.'d today, there's a news article purporting that
> > > FreeBSD can be exploited via kernel modules:
> > >
> > >
> > > http://thc.pimmel.com/
> > >
> >
> > I actually found the article a very good source of documentation on
> > programming loadable modules for FreeBSD. Granted, I'm not sure of its
> > accuracy, but it was a worthwhile read for someone like myself who has
> > only coded LKMs for Linux. Very interesting.
>
> I just read through it and it is a nice tutorial on how the module system
> works. I can't see it as an exploit though - you have to be root first to
> load any code.

That is correct. First you have to be root at all, to get some modules
loaded.

Afterwards you can prepare a system in a way that no one will see, that
there are no backdoors installed deep in the kernel.

A malicious system administrator can himself open every door for later
use, when the time comes when he is no more sysadm.

Imagine what one can do with that kind of backdoors.

Otherwise the techniques described in the article can be used to avoid
that kind of insult. At least make it not so easy as it is just now.

Just my 2p.

Regards,
Frank

--
Frank Nobis                  Email: PGP AVAILABLE
Landgrafenstr. 130           dg3dcn http://www.radio-do.de/~fn/
44139 Dortmund               Powered by SMP FreeBSD

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message