On Wed, Sep 12, 2007 at 05:44:30PM -0500, Brent Casavant wrote:
> P.S. By the way, there doesn't seem to be a way to remove /proc/#/mem
> files. That might be an additional nicety -- programs worried about
> being snooped could unlink their own entry. /dev/mem and /dev/kmem
> can simply be removed by the sysadmin of such a system. If all of
> that were done you'd have to resort to attacking crash dumps, core
> dumps, or via something like kdb to extract "hidden" data.
Give me a break. And learn about ptrace(2). This "unlinking" bullshit
buys you zero additional security, both for /proc/*/mem and for /dev/mem
(see mknod(2)).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
