lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070831190325.GB65511@demeter.hydra>
Date: Fri, 31 Aug 2007 13:03:25 -0600
From: Chad Perrin <perrin@...theon.com>
To: bugtraq@...urityfocus.com
Subject: Re: Sony: The Return Of The Rootkit

On Thu, Aug 30, 2007 at 06:10:25PM +0200, Paul Sebastian Ziegler wrote:
> 
> Not everything that interacts with the kernel is a rootkit. Or would
> anyone want to classify GRSecurity as a rootkit? RBAC will let you hide
> parts of your filesystem as well...

Actually, the impression I got is that the term "rootkit" was being used
correctly in this case -- in that it referred to software that can be
used when one has rooted a machine to cover one's tracks.  Whether or not
software interacts with the kernel really has nothing to do with whether
it's a rootkit, and I don't recall seeing anything in the linked
discussions of Sony's software that suggested otherwise.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
W. Somerset Maugham: "The ability to quote is a serviceable substitute for
wit."

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ