Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

To: debian-security@lists.debian.org
Subject: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
From: Rolf Kutz <kutz@netcologne.de>
Date: Tue, 1 Apr 2003 14:31:11 +0200
Message-id: <[🔎] 20030401123111.GE15619@afrika>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20030401120612.GA555@marcelle.homelinux.org>
References: <3E883C67.3020807@simicro-internet.mg> <20030331134931.GA7092@mood.ritram.it> <[🔎] 3E89761A.60609@simicro-internet.mg> <[🔎] 20030401120612.GA555@marcelle.homelinux.org>

* Quoting Marc Demlenne (m.demlenne@skynet.be):

>   echo unexisting_binary > /proc/sys/kernel/modprobe
> 
> Can we trust this solution ?
> What's the effect ?

You can't dynamically load and unload modules
anymore. If you load all the modules you need
before doing it, you're fine.

> It seems to work fine, and to block the exploit on my box.
> But i don't know the effect on the system, since i guess this file has a
> good reason to be present on a debian box ... 
> So is it a good idea to modify it this way ?

Untill you installed a patched kernel, yes, if you
don't need to dynamically (un)loaded modules.

- rk

-- 
http://www.stop1984.com/

Reply to:

References:
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: DouRiX <dourix-tech@simicro-internet.mg>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Marc Demlenne <m.demlenne@skynet.be>

Prev by Date: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by Date: Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Previous by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by thread: Re: [d-security] Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Index(es):
- Date
- Thread