modules

Jörg W Mittag Joerg.Mittag at Web.De
Wed Jan 7 03:50:36 PST 2004


Ian Molton wrote:
> On Wed, 7 Jan 2004 02:42:22 +0100 Jörg W Mittag <Joerg.Mittag at Web.De>
> wrote:
>> *and if* he's able to trigger some action which loads this module - that
>> is a lot of ifs.
> and if he can place the modules somewhere the kernel will look for it -
> which probably requires root...

This is only needed if the attacker wants to insert his own module into the
kernel. In the third paragraph I was referring to a hypothetical security
flaw in the module handling code (both in-kernel and
modutils/module-init-tools) itself. To exploit this the attacker only needs
to "convince" the kernel to load *any* module. I think this is what the
ptrace() exploit did, although I never actually understood it. /me should
really start learning C ...

jwm
-- 
gtkmm-1.2.10% ./configure --help
    --enable-voodoo    Use Voodoo Fried Chicken spell to compile Gtk-- (use
                       this only when everything else fails)



More information about the hlfs-dev mailing list