Secure usage of netfilter hooks

From: Abhishek Singh (abhi@cc.gatech.edu)
Date: Thu Jan 30 2003 - 12:33:04 EST


Hi,
Is it possible for a netfilter hook registered during module insertion
time to be removed by a userspace application (such as iptables) without
the insertion of a new module?

What I am trying to do is implement a hook for secure packet processing
using netfilter. If however an attacker can remove this hook without
inserting a new module or compromising the kernel in some way then the
security level of this hook is compromised.

-- 

Thanks and Regards,

-abhi



