On Aug 14 2007 21:50, Andi Kleen wrote:
>Hajime Inoue <[email protected]> writes:
>
>> Just protecting the table does not stop rootkits. A highly referenced
>> phrack article explains how to bypass the table.
>
>During .23-pre for some time the kernel text was protected too (that
>would have likely stopped that particular attack), but it was
>removed because it caused too many problems.
>
>Ultimatively it is useless for security anyways because the page
>tables cannot be protected (because there are valid reasons to change
>them).
But with DEBUG_RODATA (does that also apply to .text?) enabled,
accidental writes to it should cause a fault rather than doing silent
changes, would not it?
Jan
--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
