[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20080907125331.GA1707@elf.ucw.cz>
Date: Sun, 7 Sep 2008 14:53:31 +0200
From: Pavel Machek <pavel@...e.cz>
To: Ingo Molnar <mingo@...e.hu>
Cc: Willy Tarreau <w@....eu>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
pageexec@...email.hu, Andi Kleen <andi@...stfloor.org>,
Arjan van de Ven <arjan@...radead.org>,
linux-kernel@...r.kernel.org, tglx@...x.de, hpa@...or.com
Subject: Re: [patch] Add basic sanity checks to the syscall execution patch
On Sat 2008-09-06 17:45:51, Ingo Molnar wrote:
>
> * Willy Tarreau <w@....eu> wrote:
>
> > Then they will simply proceed like this :
> > - patch /boot/vmlinuz
> > - sync
> > - crash system
> >
> > => user says "oh crap" and presses the reset button. Patched kernel boots.
> > Game over. Patching vmlinuz for known targetted distros is even easier
> > because the attacker just has to embed binary changes for the most
> > common distro kernels.
>
> a reboot often raises attention. But yes, in terms of end user boxes,
> probably not. Anyway, my points were about transparent rootkits
> installed on a running system without anyone noticing - obviously if the
> attacker can modify the kernel image and the user does not mind a reboot
> it's game over.
Well, install a rootkit in /boot/vmlinuz, sync, then wait for user to
reboot its system?
Even well-kept servers are rebooted from time to time.
I agree -- the only way to win is not to play this game.
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists