Re: LKM rootkits in 2.6.x

From: Christophe Saout
Date: Thu Mar 11 2004 - 14:18:03 EST

Next message: John Reiser: "Re: [PATCH] binfmt_elf.c allow .bss with no access (p---)"
Previous message: Martin Schwidefsky: "[PATCH] s390 bits for remap-file-pages-prot."
In reply to: Dave Jones: "Re: LKM rootkits in 2.6.x"
Next in thread: Valdis . Kletnieks: "Re: LKM rootkits in 2.6.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Do, den 11.03.2004 schrieb Dave Jones um 19:48:

> Don't bet on it. They'll just start doing what binary-only driver vendors
> have been doing for months.. If the table isn't exported, they find a symbol
> that is exported, and grovel around in memory near there until they find
> something that looks like it, and patch accordingly.

Ugh... this sounds ugly. This should be forbidden. I mean, what are
things like EXPORT_SYMBOL_GPL for if drivers are allowed to patch
whatever they want?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: John Reiser: "Re: [PATCH] binfmt_elf.c allow .bss with no access (p---)"
Previous message: Martin Schwidefsky: "[PATCH] s390 bits for remap-file-pages-prot."
In reply to: Dave Jones: "Re: LKM rootkits in 2.6.x"
Next in thread: Valdis . Kletnieks: "Re: LKM rootkits in 2.6.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]