Date: 07 Sep 1999 10:22:02 +0200 From: Dag-Erling Smorgrav <des@flood.ping.uio.no> To: Alex Perel <veers@disturbed.net> Cc: Brad Knowles <blk@skynet.be>, Dag-Erling Smorgrav <des@flood.ping.uio.no>, Pascal Hofstee <daeron@Wit401305.student.utwente.nl>, freebsd-stable@FreeBSD.ORG Subject: Re: softupdates in latest build? Message-ID: <xzpvh9nku6t.fsf@flood.ping.uio.no> In-Reply-To: Alex Perel's message of "Mon, 6 Sep 1999 15:35:16 -0400 (EDT)" References: <Pine.BSF.4.10.9909061521220.81123-100000@shattered.disturbed.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Alex Perel <veers@disturbed.net> writes: > On Mon, 6 Sep 1999, Brad Knowles wrote: > > However, it might be a bit more difficult to script creating and > > installing a new kernel to turn on the ability for people to do > > password sniffing. [...] > Huh? > # echo 'pseudo-device bpf' >> MYKERNEL > # config MYKERNEL > etc. Actually, it's still "bpfilter" in -STABLE. I didn't MFC the name change, since it would have been a gratuitous breach of POLA. > And what are you going to do when bpf becomes a KLD? Scream and shout that > KLDs are evil because they let a cracker who obtained superuser privilige to > load BPF support? KLD modules already let you do much, much more serious stuff than this (refer to Pragmatic/THC's recent article about writing stealth modules to hijack syscalls: http://thc.pimmel.com/files/thc/bsdkern.html), but like bpf, if the attacker can use them (s)he already has root. DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpvh9nku6t.fsf>