On Tue, 3 Oct 2006 17:53:30 -0400
Kyle Moffett <[email protected]> wrote:
> On Oct 03, 2006, at 17:25:07, Bráulio Oliveira wrote:
> > Just forwarding....
>
> Well, you could have checked the list archives first to make sure the
> idiot didn't send it here himself. Secondly if you're going to
> forward something like this best send it to [email protected] first.
>
> Of course, it's partially the abovementioned idiot's fault for BCCing
> a mailing list and several others:
> > To: undisclosed-recipients
>
> > Hello,
> > The present document aims to demonstrate a design weakness found in
> > the
> > handling of simply linked lists used to register binary
> > formats handled by Linux kernel, and affects all
> > the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of
> > infection modules in kernel space that can be used by malicious
> > users to create infection tools, for example rootkits.
>
> Would be nice if I could get to your paper to actually read it, but
> as it returns a 404 error I'm going to make one brief statement:
>
> If you can load another binary format or access the "simply linked
> lists" of the binfmt chain in any way, then you're root and therefore
> there are easier ways to own the box than patching the kernel.
>
> Cheers,
> Kyle Moffett
I looked at it, basically his argument which is all flowered up in pretty
pictures and security vulnerability language is:
If root loads a buggy module then the module can be used to compromise
the system.
Well isn't that surprising.
--
Stephen Hemminger <[email protected]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]