lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20041215204828.GL1598@hyper>
Date: Wed, 15 Dec 2004 13:48:28 -0700
From: gadgeteer@...gantinnovations.org
To: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: Re: Linux kernel scm_send local DoS


On Wed, Dec 15, 2004 at 01:31:30PM +0100, Paul Starzetz (ihaquer@...c.pl) wrote:
> I don't think this is practicable, since the bugs reside in deep kernel 
> functions. You can not fix it just by disabling a particular syscall. You 
> have patch a running kernel binary, maybe someone comes up with this kind 
> of utlility.

Not by disabling the syscall but by replacing it in the manner that a
rootkit replaces syscalls.  Build a new kernel from the same
source/config except for patch.  Replace syscalls where there is change.
Practical?
Stable?
No.  Much easier to simply reboot to new kernel.  If service(s) are so
critical as to not tolerate a reboot yet have a single point of failure
on this one component then there are greater problems at play.
-- 
Chief Gadgeteer
Elegant Innovations


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ