On Tue, 01 Mar 2005 10:09:34 +1000, QuantumG <[EMAIL PROTECTED]> wrote: > I dunno if anyone else has said this or not, but /dev/kmem and the joy > of kernel exploits can allow an attacker to taint a kernel in ways that > you simply cannot detect. Not to mention the fact that kernel modules
Actually it was mentioned during the current thread, with a mention of articles which demonstrate how it's done, if I remember correctly. But your message made me wonder - is it practical to disable creation of /dev/kmem? What other practical ways have we got to avoid attacks through it? SE Linux? GRSecurity? Cheers, --Amos -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
