Date: Fri, 18 Jun 99 07:36:11 +0200 From: Adrian Steinmann <ast@marabu.ch> To: security@FreeBSD.ORG Subject: Re: some nice advice.... Message-ID: <199906180536.HAA23430@marabu.marabu.ch>
next in thread | raw e-mail | index | archive | help
Warner Losh <imp@harmony.village.org> responded to Pete Fritchman:
: If you get compromised, why does it matter?
: The attacker compiles a new kernel, waits for you to reboot, boom.
Nope. My kernel is set schg and i run at a high secure level so you
can't replace my kernel.
Make sure /boot.config is schg as well, otherwise
echo "wd(0,a)/evil_kernel" > /boot.config && reboot
can circumvent your measures [you could also make / schg, I guess].
A high secure mode will also stop a determined hacker from rewriting
your boot blocks because it disables writing to disk except through
the mounted filesystems ;-)
Adrian Steinmann
_________________________________________________________________________
Dr. Adrian Steinmann Steinmann Consulting Apollostrasse 21 8032 Zurich
Tel +41 1 380 30 83 Fax +41 1 380 30 85 Mailto:ast@styx.ch
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906180536.HAA23430>