On Fri, Mar 31, 2006 at 06:29:57PM -0500, Ken Hornstein wrote:
> >> I agree that you can design a user-land scheme that's a lot better than
> >> a simple file, but there are enough tools available for grovelling through
> >> a user-level daemon's memory that I would prefer to have something better.
> >> Again, it's not 100%, but it's all a matter of degree.
> >
> >One tool name: DTrace.
> >
> >Ok, two: kmdb.
> >
> >Well, let's make it three and stop there: Xen.
> >
> >Sorry, I don't buy this line of argument.
>
> I guess I don't follow you (and isn't Xen a virtual machine? How does
> that apply?).

You said "but there are enough tools available for grovelling through a
user-level daemon's memory that I would prefer to have something better,"
which I took to mean that you think that kernel memory is somehow not
subject to such tools. Well, that's not so (let's not discuss TCG/TPMs
here).

> I did say "matter of degree". Sure, you can look through
> the whole kernel, and tools exist to do that today; but it's a harder
> task than looking through one process. (I don't seem to have kmdb or
> Dtrace on any Solaris systems here; I don't know if they cost extra,
> but if an attacker would need those tools, they'd be out of luck here,
> assuming they didn't get a license from someone else).

DTrace and [k]mdb come with Solaris 10, they cost nothing extra, and they
use basic facilities that any all-privileged user-land application can also
use.

> Anyway, I guess we're not going to agree on this one.

Guess not :/

________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
