On Oct 03, 2006, at 17:25:07, Bráulio Oliveira wrote:
Just forwarding....
Well, you could have checked the list archives first to make sure the
idiot didn't send it here himself. Secondly if you're going to
forward something like this best send it to [email protected] first.
Of course, it's partially the abovementioned idiot's fault for BCCing
a mailing list and several others:
To: undisclosed-recipients
Hello,
The present document aims to demonstrate a design weakness found in
the
handling of simply linked lists used to register binary
formats handled by Linux kernel, and affects all
the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of
infection modules in kernel space that can be used by malicious
users to create infection tools, for example rootkits.
Would be nice if I could get to your paper to actually read it, but
as it returns a 404 error I'm going to make one brief statement:
If you can load another binary format or access the "simply linked
lists" of the binfmt chain in any way, then you're root and therefore
there are easier ways to own the box than patching the kernel.
Cheers,
Kyle Moffett
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
