Stefan Esser <[EMAIL PROTECTED]> wrote: > Hello, > > well you describe nothing more than the documented functionality > of the dlopen() call.
Yes of course. But this advisory should sharpen admins-mind to the threats the dl()-function confronts us with. Administrators migth think that these newly loaded modules are "contained" or otherwise protected. > You can also have a lot of fun with loading > linux kernel modules if your admin allows users to load kernel moduels. > And stealing SSL private key from apache memory is not really a > challenge... You only need to search for some signature in memory > and "steal" the next few byte behind it. > > Stefan Esser _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
