From owner-freebsd-security Sun Oct 7 5:27:22 2001 Delivered-To: freebsd-security@freebsd.org Received: from brea.mc.mpls.visi.com (brea.mc.mpls.visi.com [208.42.156.100]) by hub.freebsd.org (Postfix) with ESMTP id EEA1F37B408 for ; Sun, 7 Oct 2001 05:27:15 -0700 (PDT) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by brea.mc.mpls.visi.com (Postfix) with ESMTP id B87182DDCFD; Sun, 7 Oct 2001 07:27:14 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.1/8.11.1) id f97CQhW25480; Sun, 7 Oct 2001 07:26:43 -0500 (CDT) (envelope-from hawkeyd) Date: Sun, 7 Oct 2001 07:26:43 -0500 From: D J Hawkey Jr To: cjclark@alum.mit.edu Cc: Alexander Langer , deepak@ai.net, freebsd-security@FreeBSD.ORG Subject: Re: Kernel-loadable Root Kits Message-ID: <20011007072643.A25464@sheol.localdomain> Reply-To: hawkeyd@visi.com References: <20010908072542.A57605@sheol.localdomain> <20010908143231.A53801@fump.kawo2.rwth-aachen.de> <20010908074445.A77252@sheol.localdomain> <20010908181537.A840@ringworld.oblivion.bg> <20010908102816.B77764@sheol.localdomain> <20010908183728.D840@ringworld.oblivion.bg> <20010908105308.A78138@sheol.localdomain> <20011004023034.U8391@blossom.cjclark.org> <20011006094650.A19631@sheol.localdomain> <20011006164225.B350@blossom.cjclark.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011006164225.B350@blossom.cjclark.org>; from cristjc@earthlink.net on Sat, Oct 06, 2001 at 04:42:25PM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Oct 06, at 04:42 PM, Crist J. Clark wrote: > > On Sat, Oct 06, 2001 at 09:46:50AM -0500, D J Hawkey Jr wrote: > > Hello, Christ, > > > > Hey, thanks. I for one appreciate this hack. One Q though: Is there a > > config flag to link the screen-saver to the kernel? I can't seem to find > > it. > > # Splash screen at start up! Screen savers require this too. > pseudo-device splash Oh, yeah, this I have. However, [sheol] /usr/home/hawkeyd$ kldstat Id Refs Address Size Name 1 2 0xc0100000 28a868 kernel 2 1 0xc0af6000 2000 blank_saver.ko It seems that the pseudo-device doesn't actually link the saver into the kernel, but just some sort of interface layer? If I'm right, with your patch, I'd have that layer, but no screen saver? > Crist J. Clark Dave -- ______________________ ______________________ \__________________ \ D. J. HAWKEY JR. / __________________/ \________________/\ hawkeyd@visi.com /\________________/ http://www.visi.com/~hawkeyd/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message