From owner-freebsd-security Mon Jul 12 1:59:17 1999 Delivered-To: freebsd-security@freebsd.org Received: from overcee.netplex.com.au (overcee.netplex.com.au [202.12.86.7]) by hub.freebsd.org (Postfix) with ESMTP id 3648B14CF5 for ; Mon, 12 Jul 1999 01:59:03 -0700 (PDT) (envelope-from peter@netplex.com.au) Received: from netplex.com.au (localhost [127.0.0.1]) by overcee.netplex.com.au (Postfix) with ESMTP id 2B14C8A; Mon, 12 Jul 1999 16:58:57 +0800 (WST) (envelope-from peter@netplex.com.au) X-Mailer: exmh version 2.0.2 2/24/98 To: Darren Reed Cc: des@flood.ping.uio.no (Dag-Erling Smorgrav), security@FreeBSD.ORG Subject: Re: Module magic In-reply-to: Your message of "Mon, 12 Jul 1999 17:41:30 +1000." <199907120741.RAA08815@cheops.anu.edu.au> Date: Mon, 12 Jul 1999 16:58:57 +0800 From: Peter Wemm Message-Id: <19990712085857.2B14C8A@overcee.netplex.com.au> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Darren Reed wrote: > In some mail from Dag-Erling Smorgrav, sie said: > > > > Thought this'd be of interest to this list: > > > > http://thc.pimmel.com/files/thc/bsdkern.html > > So what ? > > Nothing in that document is "new" although it might be the > first time it's been documented for script-kiddies. Yeah, the main worrying thing about it is the hard coding of internal data structures and bypassing of proper interfaces. I'm half thinking about doing a couple of arbitary rearrangements of some internal (opaque) data structures to make their life a bit more exciting. I'd rather a box panic and burn if a script kiddie gets in and tries to use some of these ``techniques'' than have it run whatever they like undetected. This will be totally harmless to the existing modules since the data structures are not used outside kern_*.c. > Darren Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message