arjentechnologist.com

• Next message: Dirk.Nitkaages.de: "[suse-security] chroot manual"
• Previous message: Timo Schulz: "[suse-security]: Netscape certificate"
• In reply to: Kurt Seifried: "Re: [suse-security] masquerading and a monolithic kernel"
• Next in thread: Roman Drahtmueller: "Re: [suse-security] masquerading and a monolithic kernel"
• Reply: Arjen Runsink: "Re: [suse-security] masquerading and a monolithic kernel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It seems that Kurt got a message that I haven't received (yet, though
it's about 5 hours now after he sent it)

Kurt Seifried wrote:
>
> > >Experimenting with a firewall I compiled a monolithic kernel with
> > >masquerading and without loadable module support so as to make it
> > >impossible to subvert the kernel by a malicious module.
> > I wondered about this too, but dont you need root-rights in order to load
> a
> > kernel modul ?
>
> Not always =) Also once you load a module (like say NARK, a kernel level
>
> >
> > MfG
> > Matthias
>
> -Kurt

Root rights are obtaineable saidly. (Buffer overflow in a setuid root
program)) Or sniffed from a telnet session from a _very_ ignorant
sysadmin etc.

BB, Arjen

-- 
Sell what you use, use what you sell.
---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com

• Next message: Dirk.Nitkaages.de: "[suse-security] chroot manual"
• Previous message: Timo Schulz: "[suse-security]: Netscape certificate"
• In reply to: Kurt Seifried: "Re: [suse-security] masquerading and a monolithic kernel"
• Next in thread: Roman Drahtmueller: "Re: [suse-security] masquerading and a monolithic kernel"
• Reply: Arjen Runsink: "Re: [suse-security] masquerading and a monolithic kernel"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]