Date: Thu, 21 Dec 2000 11:39:56 -0500 (EST) From: Mikhail Kruk <meshko@cs.brandeis.edu> To: Kris Kennaway <kris@FreeBSD.ORG> Cc: "Michael A. Williams" <mike@netxsecure.net>, <security@FreeBSD.ORG> Subject: Re: Read-Only Filesystems Message-ID: <Pine.LNX.4.30.0012211139260.27904-100000@daedalus.cs.brandeis.edu> In-Reply-To: <20001221064842.B27118@citusc.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Don't forget chflags'ing every binary involved in the startup process, > > > too. And all of your kernel modules. And the boot loader and its > > > config files. And all of the appropriate directories. And /etc/fstab > > > so null or union mounts can't be used to shadow a protected file...you > > > get the picture :-) > > > > Securelevel 2 should not allow loading of kernel modules. > > Correct, but if they're not noschg then you can trivially trojan a > kernel module which you know is loaded at boot time. Or you can add > yourself a new kernel module and load it by editing the boot loader > config, or by editing one of the startup scripts, or by trojaning one > of the binaries run during the system startup prior to raising of > securelevel, etc etc. > > Then cause, or wait for a reboot. wait, but can't you make kernel modules and startup scripts noschg too? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.30.0012211139260.27904-100000>