Re: 2.3 wish: integrate pcmcia into mainstream kernel

Brandon S. Allbery KF8NH (allbery@kf8nh.apk.net)
Sun, 13 Jun 1999 09:00:34 -0400


In message <199906131254.IAA19346@alcove.wittsend.com>, "Michael H. Warfield" w
rites:
+-----
| > If they can run insmod or trash module objects, they can replace the kernel
| > and run lilo, then force a reboot. I see no security improvement, and it's
| > not *that* much harder.
|
| But a reboot is detectable...
+--->8

Only if someone's logged in at the time, or actually looking at the machine.
If not, uptime and log entries can be falsified by the new kernel and hacked
utilities.

"Too hard"? You'd be surprised what's in rootkits.

-- 
brandon s. allbery	[os/2][linux][solaris][japh]	 allbery@kf8nh.apk.net
system administrator	     [WAY too many hats]	   allbery@ece.cmu.edu
carnegie mellon / electrical and computer engineering			 KF8NH
     We are Linux. Resistance is an indication that you missed the point.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/