begin quote On Fri, 3 Oct 2003 08:02:23 -0400 gabriel <[EMAIL PROTECTED]> wrote:
> On October 3, 2003 04:24 am, Spider wrote: > > begin quote > > On Fri, 03 Oct 2003 06:34:49 +0000 > > > > "Senectus -" <[EMAIL PROTECTED]> wrote: > > > hats basicly saying you can load all kernel modules into the > > > kernel, > > > and disable insmod and that tightens up security a crap load?? > > > > The paper shows how to add modules into a kernel even if it is > > statical > > and you have removed insmod. > > what if you disabled "loadable module support" in the kernel? *sigh* Could you at least read the link I posted? It is about the specific case where module-loading is -not- built into the kernel. There are even -simpler- ways to do it when module-loading is enabled. All from hijacking an existing module to inserting it without insmod (oh, I removed insmod so im safe. oh, the user made one in bash/perl/python/asm . oops.) Grsec, selinux and a few other "hardening" projects are basically the only way of solving the "problem" that once an attacker is root, he owns your machine, including the kernel. //Spider -- begin .signature This is a .signature virus! Please copy me into your .signature! See Microsoft KB Article Q265230 for more information. end
pgp00000.pgp
Description: PGP signature
