Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

To: debian-security@lists.debian.org
Subject: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
From: David Barroso <tomac@somoslopeor.com>
Date: Tue, 1 Apr 2003 19:49:29 +0200
Message-id: <[🔎] 20030401174928.GA16302@moskovskaya>
In-reply-to: <[🔎] 20030401165306.GA2958@melina.ds14.agh.edu.pl>
References: <3E883C67.3020807@simicro-internet.mg> <20030331134931.GA7092@mood.ritram.it> <[🔎] 3E89761A.60609@simicro-internet.mg> <[🔎] 20030401133615.GA17185@mood.ritram.it> <[🔎] 20030401133017.GA28537@vnl.com> <[🔎] 20030401165306.GA2958@melina.ds14.agh.edu.pl>

* Marcin Owsiany (porridge@debian.org) wrote:
> On Tue, Apr 01, 2003 at 02:30:17PM +0100, Dale Amon wrote:
> > On Tue, Apr 01, 2003 at 03:36:15PM +0200, Maurizio Lemmo - Tannoiser wrote:
> > > In a server enviroment, where there no need to load modules at run-time,
> > > could be a "usable workaorund", but, in a workstation machine, i don't
> > > think thats a great idea.
> > 
> > In a server environment it is preferable not to
> > compile with modules at all.
> 
> Why?

One reason is security:
it's relatively easy for an intruder to install a kernel module based
rootkit, and then hide her processes, files or connections.

Reply to:

Follow-Ups:
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Ralf Dreibrodt <rd@mesos.de>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Phillip Hofmeister <plhofmei@zionlth.org>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Dariush Pietrzak <eyck@forumakad.pl>

References:
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: DouRiX <dourix-tech@simicro-internet.mg>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Maurizio Lemmo - Tannoiser <mizio@tenzione.it>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Dale Amon <amon@vnl.com>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Marcin Owsiany <porridge@debian.org>

Prev by Date: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by Date: Re: [d-security] Re: [d-security] Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Previous by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Index(es):
- Date
- Thread