lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20040619213809.42774BC078@spike.porcupine.org>
Date: Sat, 19 Jun 2004 17:38:09 -0400 (EDT)
From: wietse@...cupine.org (Wietse Venema)
To: Valdis.Kletnieks@...edu
Cc: Manuel Bouyer <bouyer@...ioche.eu.org>,
	bugtraq@...urityfocus.com, cert@...t.org, phrackstaff@...ack.org,
	staff@...ketstormsecurity.org, security@...eBSD.org
Subject: Re: Unprivilegued settings for FreeBSD kernel variables


Valdis.Kletnieks@...edu:
-- Start of PGP signed section.
> On Thu, 17 Jun 2004 13:28:59 +0200, Manuel Bouyer said:
> > On Tue, Jun 15, 2004 at 08:42:23AM +0200, Radko Keves wrote:
> > > [...]
> > > 
> > > AFFECTED DISTRIBUTIONS:
> > > FreeBSD 5.x i386
> > > FreeBSD, OpenBSD, NetBSD is most likely also affected (investigation needed)
> > 
> > NetBSD is not, a LKM can't be loaded if securelevel is > 0.
> 
> Note *very* carefully the fact that the statement "you can't load a LKM" is not
> totally identical to "you can't cause an LKM to be in the kernel".
> 
> Hunt down the Phrack article on loading an LKM into a Linux kernel *that
> doesn't even have module support*, and ask yourself if you're quite as sure
> that there is *zero* vulnerability there....

FYI, with BSD securelevel > 0, you can't poke a module into the
kernel via /dev/*mem, so this Linux loading method won't work.

Likewise, write access to mounted devices is forbidden.  Without
such restrictions, securelevels would be pretty much meaningless.

For more details, please see "man securelevel" or equivalent.

	Wietse


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ