Ian Molton spyro at
Wed Jan 7 09:29:02 PST 2004

On Wed, 7 Jan 2004 12:50:36 +0100
Jörg W Mittag <Joerg.Mittag at Web.De> wrote:

> In the third paragraph I was referring to a hypothetical security
> flaw in the module handling code (both in-kernel and
> modutils/module-init-tools) itself. To exploit this the attacker only needs
> to "convince" the kernel to load *any* module.

Oh yes, agreed there. But why confuse the issue wrt the module handling code? Convincing the kernel to execute ANY code in it that is exploitable will work, e.g. the recent mremap() exploit.

Also, if the module code has a bug then you're fscked anyway if you want to use modules, as sooner or later you'll want to load a module, so the 'attacker' won't have to trick anything, just wait.

If you're not using modules, you shouldn't have had the code compiled in anyways ;-)

