On 8/13/05, Arjan van de Ven <[email protected]> wrote:
> On Fri, 2005-08-12 at 09:35 -0700, Linus Torvalds wrote:
> >
> > On Thu, 11 Aug 2005, Steven Rostedt wrote:
> > >
> > > Found the problem. It is a bug with mmap_kmem. The order of checks is
> > > wrong, so here's the patch. Attached is a little program that reads the
> > > System map looking for the variable modprobe_path. If it finds it, then
> > > it opens /dev/kmem for read only and mmaping it to read the contents of
> > > modprobe_path.
> >
> > I'm actually more inclined to try to deprecate /dev/kmem.. I don't think
> > anybody has ever really used it except for some rootkits. It only exists
> > in the first place because it's historical.
> >
> > We do need to support /dev/mem for X, but even that might go away some
> > day.
> >
> > So I'd be perfectly happy to fix this, but I'd be even happier if we made
> > the whole kmem thing a config variable (maybe even default it to "off").
>
I believe rootkit detectors, as well as some versions of ps (wchan
field) use kmem.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |